New Malware Rewrites Bank Statements to Cover Its Own Tracks


Have you checked your bank account balance online lately? If so, you may want to consider verifying the numbers with a paper statement, because what you see on your computer screen might not be indicative of banking activity that's occurring right under your nose, according to a new security report.

Hackers have a new piece of malware to play with, one which not only picks your online pocket, but also hides the evidence of any wrong doing by rewriting online bank statements on the fly. Once the Trojan horse infiltrates a user's PC, it goes to work by altering the HTML coding before it's displayed in the victim's browser, making sure to erase any evidence of money transfers or other unauthorized transactions.

"The Trojan is hooked into your browser and dynamically modifies the text in the HTML," said Yuval Ben-Itzhak , CTO of computer security firm Finjan. "It's a very sophisticated technique."

A gang targeting customers of leading German banks first began employing the ruse in August and managed to steal Euro 300,000 (about $440,000 USD) in just three weeks. Finjan estimates that the gang using the scheme could potentially steal about $7.3 million annually.

While so far relegated to German banks, Ben-Itzhak warned that this technique is likely to spread to other countries.

Cybercrime Intelligence Report, Issue No. 3, 2009 (PDF)

Image Credit: Finjan via

Around the web