ClearPath Solutions protects your privacy. We will ensure your confidentiality.
According to security researchers, a new Trojan program is expected to spread rapidly over the next few months. The Trojan program called Neverquest, discovered on a private cybercrime forum in July, targets online financial services users. Essentially, Neverquest is financial malware designed to steal credentials on financial related applications or websites. PCs and smartphones are both vulnerable to financial malware.
Neverquest attempted infections were discovered all around the world, with several thousand attempts recorded by mid-November. Sergey Golovanov, a malware researcher at Kaspersky Lab, wrote in a blog post, “This threat is relatively new, and cybercriminals still aren’t using it to its full capacity. In light of Neverquest’s self-replication capabilities, the number of users attacked could increase considerably over a short period.”
Similar to other financial malware, Neverquest has the ability to change the content of websites inside Internet Explorer or Firefox. Often, the modification involves injecting rogue forms into them, to get usernames and passwords by the website’s users. The attacker can control infected computers remotely using virtual network computing.
Neverquest also includes features that are different from other financial malware. For example, the default configuration defines 28 targeted websites involving large international banks and online payment services. The malware also searches for the victim’s commonly visited webpages containing keywords such as balance, account summary, and checking account. This allows the attacker to discover new financial website targets, to change the scripts for the malware.
Neverquest steals log-in credentials from file transfer protocol client applications that have been installed onto the victim’s computer. With the file transfer protocol credentials, the attacker is able to infect websites using a Neutrino exploit pack. The exploit pack discovers vulnerabilities within browser plug-ins. When a user visits an infected website, the malware is downloaded onto the computer.
In addition, Neverquest also sends spam emails with malicious attachments. Often, the emails are designed to appear as official notifications from important services. According to Kaspersky Lab, consumers can expect many Neverquest attacks for the rest of 2013. Ultimately, users’ must be aware of the potential malware and online cash theft.
Concerned? After the damage CryptoLocker caused…all businesses must be and they also must have an up-to-date computer and network security plan in place. Does your business?
Are you at risk from having Neverquest or even CryptoLocker strike your business?
Does your Central Illinois business have the right computer security or network security program in place? Many of your peers do not and ClearPath IT Solutions is focused on ensuring the security of all businesses in Central Illinois. Call (309) 263-5600 or email us today at sales@clearpathIT.com to book a no obligation IT, computer and network security review with our team of IT experts.