Sophisticated New Malware Extorts Money and Steals Banking Credentials

DECEMBER 6, 2012

Consumers need to be aware of a new, highly sophisticated malware attack that combines a Trojan horse application with so-called “ransomware.” Computer users typically come across the malware after clicking on a link to a malicious website and installing the software, which is sometimes disguised or packaged along with legitimate software.

The ransomware, named Reveton, hijacks the victim’s computer and displays a message saying that the FBI and the National White Collar Crime Center have detected illegal content such as child pornography on the user’s computer. The ransomware claims that the only way to resolve the issue and unlock the computer is to pay a “fine” to the FBI using one of the prepaid money card services recommended by the criminal. The malware also scares victims by telling them that all of their computer activity is being recorded along with their image and voice using the computer’s camera, microphone, etc.

A victim might think that he is safe once he pays the ransom and unlocks his computer, but the opposite is true. The Trojan horse application, called Citadel, which was installed along with the ransomware, is still running silently in the background. This software waits for the user to make an online purchase or banking transaction, at which time it records the user’s credentials and credit card numbers and sends them off to the criminals’ command servers. The financial information is sometimes used by the criminals themselves to steal identities and make fraudulent purchases. It is also sometimes packaged in bulk with the information of hundreds or thousands of other victims and sold to the highest bidder.

Computer security experts have predicted that this type of combined Trojan horse/ransomware will become the most common attack against consumers in the near future. To make matters worse, criminals are perfecting their methods and the appearance of the malicious applications to make them blend in and look just like normal programs.

The best way to protect against these types of sophisticated attacks is to always have an antivirus application installed and updated with the latest virus definitions. Make sure your computer operating system is completely up-to-date, with all the latest security patches installed. Also, avoid installing “toolbars” and other free software that is often bundled with legitimate applications. If you notice that your computer is suddenly running very slowly after downloading something from the internet, it may be a sign that there is malicious software running in the background that you are not aware of.

Guidepost Solutions can help your organization harden its systems and educate your users to prevent computer security breaches.

About the author

BART M. SCHWARTZ

Bart M. Schwartz is the chairman of Guidepost Solutions LLC, a global leader in investigations, due diligence, security and technology consulting, immigration and cross-border consulting, and monitoring and compliance solutions. Bart can be reached at


