Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CU System
Fake pop-ups injected into online banking transactions
MADISON, Wis. (11/14/12)--The latest version of the Citadel banking Trojan malware has something malware analysts have never encountered before:  a browser malware that launches fake pop-ops during online banking transactions and tricks online users into re-entering their bank and credit union account logins and passwords.

The risks for credit unions and banks, as well as their members/customers, are obvious. And it means that credit unions and others will need to offer crash courses to their members about defending themselves from the advanced Trojans (Bankinfosecurity.com Nov. 12). Otherwise, financial institutions will see even greater losses due to fraud.

The Citadel, which is an advanced mutation of the infamous Zeus Trojan malware, was discovered in "underground" forums in January. It is a keylogger that steals online banking authorization credentials by capturing the computer user's keystrokes (Bankinfosecurity.com Nov. 12). The Trojan was the topic of a number of warnings to credit unions and banks in August by the Federal Bureau of Investigation (FBI) and the FBI's Internet Crime Complaint Center.

The latest version uses social engineering tools to create the pop-ups, even on legitimate banking sites. And that will confuse consumers making online transactions at their credit union's site.

In the underground forums, Citadel developers are claiming they have infected computers with the new version of the Trojan. They allege they have infected computers relying on Microsoft Security Essentials, McAfee and Norton. The new development has upped the price of the Trojan on the cybercrime market. Several months ago, it went for $3,000. Now it is worth $4,000, say malware researchers (bankinfosecurity.com Aug. 21).

Malware researchers said credit unions and banks should consistently educate users about emerging online and mobile security threats. Explain the variations of the attacks, such as the new pop-up feature, so consumers know what to watch for when online.  Also, train staff to identify more quickly suspicious transactions, including withdrawals and wire transfers.

Other advice:

  • Avoid using out-of-date software versions that have vulnerabilities easy to exploit. Software companies issue patches and updates; use them. Out of date Java software in particular has been a gateway for the Trojan infection, say researchers;
  • Run  full-system virus scans at least once a week;
  • Use caution when entering user names and passwords and enter these slowly to give time to back out if something seems odd;
  • Regularly visit the FBI's Internet Crime Complaint Center for updates about Citadel;
  • Have a computer expert remove any malware. Even if you succeed in unfreezing the computer, keyloggers and other malware may still be operating in the background; and
  • Never pay money or provide personal information to a suspicious online entity.
Other Resources

RSS print
News Now LiveWire
#FreeGasFriday courtesy of @tvfcu, TN #creditunions http://t.co/wDRFYJVlpz
21 hours ago
If you were unable to watch or attend @cuna 's @thehill Hill forum on Wed., you can now watch the archived version: http://t.co/FhUnp7HbU8
23 hours ago
Time is running out. If you haven't taken the #NewsNow readership survey, please click here now: http://t.co/4Gp6C2Wa4o
23 hours ago
African financial inclusion possible with mobile money: @IMFNews study http://t.co/0V5DTQToxY
1 Day ago
Louise Herring's birthday is Saturday. 105 years later, her legacy lives on through her kids http://t.co/oMqGADmo0d http://t.co/T3NmS9NqEY
1 Day ago