Skip to main content

Banking credentials stealing malware hits Australian users

Monday, 13 Oct 2014

Researchers with security company Proofpoint have identified a cybercrime group that has infected more than 500,000 systems and is targeting online credentials for major banks in the US, Europe and Australia.

The Russian-speaking hackers that Proofpoint referred to as ‘Northern Gold' due to the name popping up throughout the investigation, has operated since 2008.

Their motivation appears to be financial, Wayne Huang, VP Engineering at Proofpoint, told SCMagazine.com on Monday.

Using Qbot malware, also known as Qakbot, the attackers have infected more than 500,000 unique systems – nearly two million unique IP addresses – and have sniffed conversations, including account credentials, for roughly 800,000 online banking transactions, according to an analysis [PDF] published last week.

Read the full story by itnews at: http://www.itnews.com.au/News/396548,banking-credentials-stealing-malware-hits-aussie-users.aspx#ixzz3FzrUhdl1