Security news
Security news21 October 2004
53 arrests as Brazil cracks down on phishing Trojan authors, Sophos comments on online bank fraud
 |
| A series of Trojan horses have attempted to fool Brazilian surfers into entering their bank login details. |
Federal police in Brazil have announced that they have arrested 53 people for stealing money from internet bank accounts with a series of phishing Trojan horses. Allegedly, approximately $30 million is said to have been stolen from online banking customers.
The police swoop, which involved 160 policemen, took place across four states in the north of Brazil, with most of those apprehended said to be under the age of 25. According to investigators 18 of the suspects had been imprisoned for similar offences in the past.
Banks targeted by the Trojan horses included Banco do Brasil, Bradesco, Caixa Economica Federal, HSBC, Itau, and Unibanco.
"Hackers and virus writers in Brazil seized upon the opportunity to make significant amounts of money by writing these Trojan horses," said Graham Cluley, senior technology consultant for Sophos. "The Trojans would lurk in the background, waiting for innocent users to enter their bank login details and then secretly pass them back to the hackers. The Brazilian authorities should be congratulated for taking swift action against this activity - fifty arrests give some idea of the huge scale of this kind of organised internet crime."
Virus experts at Sophos warned Brazilian computer users earlier this year of the increasing trend of Trojan horses being written specifically targeting customers of Brazil's online bank websites.
Even this week, Sophos has added detection for several new Brazilian Trojans. Once a computer is infected with one of the Trojans internet activity is monitored, and if it is determined that the computer user is visiting one of a number of Brazilian banking websites a fake login page is displayed and the confidential data emailed back to the hacker's email address.
"All computer users should be running an up-to-date anti-virus as well as protecting their PC with a firewall. This, combined with the safe computing practice of exercising caution over what you choose to run on your computer, can dramatically reduce the risks of these kind of attacks," continued Cluley.
