Traditionally, a Trojan will be used by attackers to steal someone’s credential such as username, password, and credit card information. Before I go any further, you might want to check out my post on the difference between Virus, Trojan, and Worms if you happen to be confused over these terminology. Basically, a Trojan is some malicious software that lives inside your computer to collect highly sensitive and use it as a hacking weapon if needed. Therefore it will rarely harm your computer but not for the user. That’s the traditional way how hackers programmed a Trojan but what’s the modern way?
The New Generation of Trojan is Intelligent!
The generation of Trojan does not aim just to steal the victim’s credentials, but to also execute a transaction where all your money in the particular bank will transferred away. I really mean all. This Trojan is not a prototype or some proof of concept, but it is already been reported by the German Federal Criminal Police (also known as BKA). Just recently, BKA already begin to warn users about this banking Trojan that works on Windows platform.
This Trojan does not attack you 24×7. In order to stay low profile and yet dangerous, it will hide itself just like the Zeus Trojan. When the victim starts browsing some online banking website and login into the banking account, the Trojan will then present a message stating that a credit has been made to the account by mistake and the account will be frozen until the errant payment is transferred back. Even when the victim view the balance, the Trojan will be able to manipulate the amount and show that a large amount of cash is transferred into the account. Since it was in the beginning that the amount need to transfer back in order to reactivate the account, the Trojan will prompt a screen for the user to fill up all the necessary information to perform transaction and then you know what will happen next.
What Should You Do to Prevent Getting Tricked by the New Trojan?
It is getting more popular now that the hackers will incorporate ‘Web Inject‘, custom designed plug-ins that manipulates what victims see in their web browser. If you happen to see anything suspicious happened to your computer when you login into your online banking account, do give the bank a call to verify all the necessary information. Do not use the number on your computer screen as the Trojan might had already manipulate the numbers. You have your ATM card or credit card and hence you should call that number. Did I mentioned as well that you need to use an antivirus to alert you about any Trojan intrusion?