The UK banking sector has been cautioned that it is at risk of an increased wave of Trojan attacks from two new variants identified by researchers at IBM X-Force.

The company said it is the first to confirm the existence of a new Zeus strain dubbed Sphinx. The commercial malware, being sold to cyber criminals, has already been detected in the UK and Poland. It is used for the theft of online banking authentication elements, such as user credentials, cookies and certificates. These are subsequently used by fraudsters for illicit online transactions, that are typically performed remotely from the user’s own device.

The second fresh Trojan threat relates to Kronos – a known banking malware that emerged in mid-2014. After a few dormant months, Kronos has re-emerged, targeting banks in the UK and India. The phishing-type malware displays fake web pages to its victims, aiming to harvest their online banking credentials, passwords and credit card information.

IBM explained: “The UK is, and has been for many years, a preferred target for cyber crime because of its prosperous economy and strong adoption of Internet based services for banking and payments. With that, although the UK is the country most targeted by banking Trojan malware configurations (per IBM Trusteer data), the past few months prove to be more active than the usual. Banking Trojans, like Shifu, Zeus Sphinx and Kronos, are configured to launch into action upon access to consumer, business, corporate and even wealth management accounts.”

Share Story: