The Serious Organised Crime Agency has warned 1,500 people via Virgin Media that their computers are infected with a Trojan virus that steals banking details, in a new tactic in the battle against cyber criminals.
Letters sent by Virgin Media to broadband customers offer instructions on how to remove the SpyEye Trojan and avoid further security threats.
The warnings are based on intelligence gathered by SOCA officers while investigating the cyber crime underground.
Letters sent by Virgin Media to broadband customers offer instructions on how to remove the SpyEye Trojan and avoid further security threats.
The warnings are based on intelligence gathered by SOCA officers while investigating the cyber crime underground.
They collected lists of IP addresses - the internet’s closest equivalent to a phone number - that has sent data back to criminals. Virgin Media then matched the addresses against its customer records to identify customers infected with SpyEye. No customer information was passed to SOCA.
The virus, which affects Microsoft Windows systems, was first detected in 2009. It was advertised and sold to other cyber criminals by its author, known as "Gribodemon" or "Harderman", on underground forums for as little as $500, allowing them to start stealing data and then money almost instantly.
Lee Miles, SOCA’s head of cyber, said he welcomed “steps taken within industry to utilise the information and resources provided by law enforcement and raise awareness of online safety”.
The collaboration with SOCA and is an extension of an Virgin Media initiative launched last year that targets the Zeus Trojan, another virus which steals banking information. It uses IP address data from the Shadowserver Foundation, a non-profit group of computer security experts that track online threats.
More recent reports indicatethat SpyEye and Zeus are now available to cyber criminals and as an all-in-one package.
Rik Ferguson, of the security firm Trend Micro, said that Virgin Media's letters should be welcomed but that "prevention is better than cure". He cited a service offered by rival broadband provider TalkTalk that warns users against visiting potentially malicious websites as they browse.
A Virgin Media spokesman said customers’ response to being told their computer was infected had been “generally positive”.
“Cybercrime is on the rise and the increasing sophistication of malware infections mean that all internet users could be at risk with devastating effects,” said Jon James, the firm’s executive director of broadband.
SOCA’s responsibilities for cyber crime intelligence gathering are due to be taken over by the new National Crime Agency from 2013.
0 comments:
Post a Comment