Australia’s banks have been quietly working with a Russian security and forensics firm to swat a nasty banking trojan crafted in the Ukraine that has infected 150,000 Australian PCs since last year.
Once installed, the fraud software Carberp waits for a victim to login to their accounts and, via the browser, attempts to commandeer their transactions hijacking credentials and payments. Success rates vary, but its makers are responsible for millions in losses across Russia and Europe.
Security vendors including Symantec, Microsoft, Kaspersky and McAfee recognise Carberp as a nasty “family” of trojans that has been known to grab screen shots of victim’s PCs, log keystrokes and steal banking credentials.
According to Andrey Komarov, head of international projects at Russian firm Group-IB, the hackers behind Carberp have franchised their product to a well-known developer on the underground who built a module (a bolt-on component known as a “web-inject”) that repurposes attacks for banking customers in other parts of the world for Australia.