In the world of the Cyber attacker, there is one common tool that is still in use. Keep in mind that, when compared to Bitcoin and Ransomware attacks, this technique is considered to be very old. But even though it is a dinosaur, it is still stealthy and very covert. This is what is known as a “Trojan Horse”. It can be specifically defined as the following:
“A Trojan horse or Trojan is a type of malware that is often disguised as legitimate software. Trojans can be employed by cyber-thieves and hackers trying to gain access to users’ systems . . . Once activated, Trojans can enable cyber-criminals to spy on you, steal your sensitive data, and gain backdoor access to your system. These actions can include:
- Deleting data
- Blocking data
- Modifying data
- Copying data
- Disrupting the performance of computers or computer networks”
So as you can see, it is a software application that looks legitimate and safe enough to download, when it really is not. Typically, the Trojan Horse malware is deployed through an attachment, such as one in a Phishing E-Mail. That is why you are told so often not to download attachments that look suspicious or that you are not expecting to receive.
To give you an example of just how stealthy the Trojan Horse has become, there is a new one out there called “BackSwap” that actually keeps track of the websites (or really the web pages) of the bank that you have your money with. Once it determines the web pages that you frequent the most, it can then inject malicious code into your web browser in order to capture your sensitive data.
Apparently, this Trojan Horse was launched all the way back in January of this year, but the Cyber attackers who were involved with its inception didn’t really do too much with it until March. The reason for the time gap: they wanted to make it as stealthy and covert as possible. Just how exactly is this deployed onto the computer of an end user? Here is how:
BackSwap is deployed as a modified version of a legitimate app, with the malicious code being executed during the initialization phase when the bank’s web page opens up. But the original code is never used again. This clearly demonstrates a focus on increasing the level of covertness instead of tricking the user into believing they are running the legitimate app. As a result, this makes the malware more difficult to spot.
Interestingly enough, BackSwap has primarily targeted financial institutions that are based in Poland, such as the following:
- PKO Bank Polski;
- Bank Zachodni;
- WBK S.A.;
Also, the Cyber attackers are not interested in large wire transfers; rather, they only target those wire transfer requests in the amount ranging from $2,800.00-$5,000.00. But as they say in the world of Cyber security, small leads to big in the end.
At this point, there are no firm reports of BackSwap impacting United States based financial institutions. But this doesn’t mean that you should let your guard down. There are plenty of other Trojan Horses out there just waiting to be deployed on your computer or wireless device.