Banking Malware Steals Your Keystrokes

There’s a new malware attacking financial institutions according to a recent report by Kaspersky Lab. Since 2013 and possibly earlier, an advanced keylogging hack on Mexican banks was discovered using spearphishing and infected USB devices to gain access to bank accounts. Although the campaign, called Dark Tequila, specifically targeted Mexican banks, there’s no reason to believe that’s where it will stay. With hackers now selling malware as a service, there’s no telling how quickly Dark Tequila may spread worldwide. Attacks on financial institutions always start somewhere before spreading, and the ability of Dark Tequila to go undetected for five-plus years is a huge concern for banking everywhere.

Dark Tequila used keylogging, which steals every keystroke from a user’s keyboard to gain access to passwords and other confidential information. In this case, the hackers stole keystrokes from users on popular sites including Amazon, Dropbox, and Microsoft Office 365. Email spearphishing and infected USB’s were used to implant the malware, ultimately allowing the keylogging to begin. Spearphishing is particularly effective because it uses information gleaned from social media or other sites to target individuals based on their interests. According to INFOSEC Institute, more than 30% of spear phishing campaigns are successful. The targeted emails contain malware, usually in the form of attachments. One innocent click by a user can unleash malware like Dark Tequila in a nanosecond. The best defense is an educated user who knows what to look for when unexpected emails make it to his or her inbox.

Suspect the unexpected. Unexpected emails require a cautious approach, no matter how strongly they tug at your heartstrings or interests. Hackers know spear phishing works and they also know how to get around spam filters. Hackers are constantly sharpening their skills and nothing is off limits; that includes your inbox.

Beware what you post. Hackers are always trolling social media sites for tidbits of information they can use to sharpen their attacks. What may seem like an innocent post can provide the information a hacker needs to get your attention. And providing them with too much information is a slippery slope toward spear phishing.

Avoid connecting unknown USB sticks to your device. Hackers often plant USB sticks anywhere they can be found, like office spaces, parking lots, and retail stores. Avoid the curiosity urge to connect the USB to see what’s on it–the answer is likely malware. If you find a USB at work, contact an IT person. Should you find a USB in a random place, there’s no doubt…throw it out.