Tuesday, 13 February 2018

International Calls, Crypto-Miners and Banking Trojans

There are always so many types and varieties of scams in play. And there are many varieties of malware created every hour of every day. According to G Data Software (www.gdatasoftware.com), in 2016 there were 780 new variants of malware detected every hour. This creates a virtual mountain range for the average home user or small business owner to get their head around when they start to think about computer/Internet security. Even if you prefer to hide from it and let your anti-malware suite defend you against 99% of threats, that means you are still vulnerable to 8 new threats every hour.

What can you do?

The only real choice is to be informed.

This week the spotlight is on a number of different threats: international scam calls, crypto-miners, and banking trojans.

International Scam Calls

The ACCC is warning all Australian citizens and businesses against this type of scam after a 10-year-old fell victim to it.

An international number calls your mobile. You answer. Perhaps they speak in English, perhaps not. It might be a recorded voice message, or it might be silence. The longer you allow that call to keep going, the more it will cost you.

These scam calls are being made using premium call services. Premium call services are phone services that can charge your bill at higher than usual rates, irrespective of whether they call you or you call them.

The best way to avoid these scams is to be informed, and to inform your friends and loved ones too. Typically, the number that the call is originating from will have more than the standard two-digit area code and eight-digit number. This is the first clue that the call is coming from overseas.

If you do not have friends or family overseas, or business partners who would be calling, or if you do not recognise the number, do not answer, and do not return the call. Simple. If, however, you find that you have answered the phone to one of these scam calls, hang up immediately.

Crypto-Miners

A crypto-what? A crypto-miner.

Crypto-miners can be either legitimate or malware. Many people have intentionally installed crypto-mining programs on their computers for the purpose of earning crypto-currency such as Bitcoin. The way in which this is done is relatively simple. Many people do not use the full processing power of their computer most of the time, and for many users, their computer may be switched on without anyone at the keyboard, so the CPU is not being used to its full capacity. Crypto-mining effectively allows users to rent out the spare capacity of their computer's processors to assist in cryptographic algorithm calculations, and in return receive a crypto-currency payment.

Crypto-mining has become quite popular, with many crypto-currencies being created and exchanged around the globe. As its popularity has increased in the legitimate user market, so has its popularity in the cyber-criminal world. Cyber-criminals are utilising trojan packages, often in infected documents attached to spam emails, and other system vulnerabilities to install crypto-mining malware on the computers and devices of home users, small businesses, and large enterprises alike. This then allows them to steal the processing power and electricity from your computer, and to use it to generate Bitcoins or other crypto-currencies.

Crypto-currencies have gained a lot of popularity with criminal gangs, particularly those who wish to launder large amounts of money very quickly, because it is almost impossible to trace the activity, and it is very easy to move and disperse the laundered funds all over the world.

More recently, crypto-currency and the illegal mining of crypto-currency using malware have become a popular method of generating wealth for the nation-state of North Korea, as it provides that government with an ability to generate income that avoids the international sanctions that are being applied against them in more legitimate and traditional trade markets.

Banking Trojans

Banking trojans are another popular tool for cyber-criminals who wish to access money belonging to others.

A trojan is a program that pretends to be one type of beneficial/desirable program and is offered in a way that entices unwary users to install it, but the underlying function of the trojan is entirely different. Banking trojans are designed so that, once installed, they will monitor a computer for the user connecting to their online banking or other financial services. When this happens, the trojan program will steal the user's credentials, allowing the cyber-criminals to illegally access the victim's accounts and conduct transactions against those accounts.

A recently discovered trojan has been found in the Browsealoud web-browser plugin. This is a browser plugin designed to assist users who are blind or who have other disabilities or are illiterate, by reading the content of web pages to them. Browsealoud is a legitimate plugin; however, hackers have created a version of the plugin that also installs a banking trojan in the background.

Again, this is a popular tactic of organised crime gangs - as a method of raising money or laundering money.  And some researchers have also identified that certain nation-state actors may use such malware as a means of avoiding the financial pressures of international sanctions.


Want to know more?

Keep an eye out for my upcoming seminar series. Dates, venues and topics to be announced in the coming weeks.
