Stealthy Trojan Swipes Bank Log-ins, Financial Data from Thousands
RSA FraudAction Research Lab reported finding a treasure trove of financial data stolen by the Sinowal Trojan. The Trojan uses rootkit functionality to infect a PC's master boot record, allowing it to slip by malware defenses. The Trojan has stolen roughly 300,000 bank log-ins, as well as a similar number of credit and debit card numbers and related personal information.Security researchers have uncovered a treasure trove of financial data stolen by a stealthy Trojan since 2006. All totaled, the minds behind the Sinowal Trojan are believed to have stolen roughly 300,000 bank log-in credentials, as well as a similar amount of credit and debit card numbers and related personal information. The findings were detailed Oct. 31 by RSA FraudAction Research Lab. The Sinowal Trojan, also known as Torpig and Mebroot, dates back to 2006 and has been used to target more than 2,700 financial service domains worldwide.
In the past six months alone, the Trojan has compromised and stolen log-in credentials and other information from more than 100,000 online bank accounts, according to RSA, EMC's security division.