Warning Russian Worm Burrows Into Our Mobile Banking Network

Personal_Finance / Cyber War Jun 17, 2014 - 12:23 PM GMT

Shah Gilani writes: This is a public service announcement. Really, you need to read this!

If you think your mobile banking app is safe, think again.

Right now, as in this very second, if you have a mobile banking app connected to USAA, Citigroup, American Express, Wells Fargo, Bank of America, TD Bank, JPMorgan Chase, BB&T or Regions Bank, you could be in deep Svpeng.

Svpeng is a breed of malware that targets your mobile device. It doesn’t come from your bank, but gets onto your device through a “social engineering” campaign that uses text messages as a medium of infection.

The worm originally cropped up in Russia last year, where it was used to steal credit and debit card data from mobile phones. The American version does something different – and even more insidious.

You don’t want to get caught in this trap. Now, so you’ll know how to avoid it, I’ll tell you exactly how this worm turns …

Open Up – It’s the FBI!

Once on your phone, Svpeng looks for an app from one of the banking institutions identified above. If it finds an app associated with one of those banks, it locks your screen with – not so funnily enough – an FBI penalty notification letter. You’re supposed to believe the FBI is demanding you send it $200 in Green Dot MoneyPak cards.

To prove the FBI – that is, Svpeng – knows who you are, the worm takes a picture of you with your own phone and displays it. Which probably shows you looking dumbfounded, scared, or pissed off.

Besides the intrusive snapshot, this malware is, nonetheless, “user-friendly.” While it locks your screen, it’s thoughtful enough to suggest stores where you can buy MoneyPak vouchers and, of course, provides a data field into which you can type the voucher numbers.

This is not a joke – this is really happening.

The Moscow-based computer security company Kaspersky Lab discovered the U.S. version of Svpeng on June 11. According to Kaspersky, Svpeng does not currently steal online banking credentials, though the company believes it’s only a matter of time before the worm does so.

Kaspersky researchers say the malware also contains code that could be used to encrypt files stored on your device and demand money to unencrypt them.

“Once the device is infected, it’s almost impossible to get it out,” says Dmitry Bestuzhev, head of a Kaspersky global research and analysis team in Latin America.

On June 13, Roman Unuchek, senior malware analyst at Kaspersky, told American Banker, “It is impossible to repel an attack of American Svpeng if a mobile device doesn’t have a security solution – the malware will block the device completely. If I were a bank CIO, I would make sure that customers have proper mobile security in place.”

You’ve been warned.

I suggest you call your bank and ask them if they have a solution. Maybe they’re working on something you can download that hides their app from being identified by Svpeng.

Good luck! Oh, and by the way … smile – your phone may be about to take your picture.

Source : http://www.wallstreetinsightsandindictments.com/2014/06/beware-russian-worm-burrows-mobile-banking/

Money Morning/The Money Map Report

©2014 Monument Street Publishing. All Rights Reserved. Protected by copyright laws of the United States and international treaties. Any reproduction, copying, or redistribution (electronic or otherwise, including on the world wide web), of content from this website, in whole or in part, is strictly prohibited without the express written permission of Monument Street Publishing. 105 West Monument Street, Baltimore MD 21201, Email: customerservice@moneymorning.com

Disclaimer: Nothing published by Money Morning should be considered personalized investment advice. Although our employees may answer your general customer service questions, they are not licensed under securities laws to address your particular investment situation. No communication by our employees to you should be deemed as personalized investent advice. We expressly forbid our writers from having a financial interest in any security recommended to our readers. All of our employees and agents must wait 24 hours after on-line publication, or after the mailing of printed-only publication prior to following an initial recommendation. Any investments recommended by Money Morning should be made only after consulting with your investment advisor and only after reviewing the prospectus or financial statements of the company.

Money Morning Archive

Only logged in users are allowed to post comments. Register/ Log in

The Market Oracle is a FREE Financial Markets Forecasting & Analysis web-site.
(c) 2005-2024 MarketOracle.co.uk (Market Oracle Ltd) - Market Oracle Ltd asserts copyright on all articles authored by our editorial team and all comments posted. Any and all information provided within the web-site, is for general information purposes only and Market Oracle Ltd do not warrant the accuracy, timeliness or suitability of any information provided on this site. nor is or shall be deemed to constitute, financial or any other advice or recommendation by us. and are also not meant to be investment advice or solicitation or recommendation to establish market positions. We do not give investment advice and our comments are an expression of opinion only and should not be construed in any manner whatsoever as recommendations to enter into a market position either stock, option, futures contract, bonds, commodity or any other financial instrument at any time. We recommend that independent professional advice is obtained before you make any investment or trading decisions. By using this site you agree to this sites Terms of Use. From time to time we promote or endorse certain products / services that we believe are worthy of your time and attention. In return for that endorsement and only in the cases where you purchase directly though us may we be compensated by the producers of those products.