Secure web gateways provider M86 Security has revealed that UK customers from one of the biggest financial institutions have been infected by a Trojan virus by cybercriminals.
From 5 July this year, the fraudsters have so far successfully stolen £675,000 ($1.07m) from the unnamed bank. M86 Security said the attack is still progressing, suggesting the situation is worsening.
The Trojan, a Zeus v3, steals the customer’s online banking ID and hijacks their online banking sessions. It then checks the account balance and, if the account balance is bigger than £800 value, it issues a money transfer transaction.
Researchers at the M86’s Security Labs detected a command and control centre in Eastern Europe targeting the customer accounts.
The Trojan virus has avoided detection by traditional Anti-Virus software.