Your computer has probably been infected with a virus before. You may have noticed a few annoying pop-up advertisements appear on your screen. Or, your computer may have simply started to slow down.
But those problems pale in comparison to the recent case of a Eurograbber Trojan virus that stole 36 million Euros (about $46.5 million) from the bank accounts of thousands of Europeans.
How it worked
Instead of grabbing the entire $46.5 million from a single account, the heist took place over a period of several months. The Eurograbber Trojan would infect a computer by luring users onto a malicious website. Somebody could be searching Google Images one minute, only to have their computer infected the next. The infection was impossible to detect.
Once the computer was infected, the Trojan had the ability to monitor everything users did over the internet. It could spy on Facebook activity, for example, or look at whatever the user was searching for. But Eurograbber wasn’t interested in either of those things. Instead, Eurograbber would spy on private banking sessions.
The pop-up window secret
Installing the malicious app onto the smartphone
The pop-up asked users to input their phone number in order to receive a “Banking software security upgrade.” Then, the hackers would send a text message to the phone number asking them to install a “free encryption software app” via .apk or .jad files. While everything looked legitimate and trustworthy up to this point, the app would actually monitor all incoming texts.
When users signed into their bank account, they would type their user name and password into the computer. As soon as the user was in the online banking session, the Trojan would execute a transfer request for “anywhere from 500 to 250,000 Euros” to private shell accounts. The user’s phone would receive a text message asking to authorize this request, although the hackers would intercept the SMS before it got to the unsuspecting user.
Bypassing two-factor authentication
Most security experts agree that two-factor authentication is one of the most effective ways to keep a private account safe. With two-factor authentication, the user has to enter a password that they already know as well as a text-message code that they receive over their phone. If someone wants to access that account, they would have to have the individual’s cell phone and know the password.
This two-factor authentication system is popular with Gmail users, banks, and any other organizations that take user privacy as seriously as possible. But two-factor authentication is not impenetrable.
Eurograbber was able to steal text messages and password information in an incredibly clever way. And if it can happen to users who are so concerned about their security that they use two-factor authentication, then it can happen to anyone. You can read all about the Eurograbber Trojan in this comprehensive PDF report.
Make sure you download anti-malware software like PC Cleaner Pro to stay safe against Trojans, viruses, and other types of malware!