This banking worm is turning computers into malware distributors

by Jimmy Nicholls | 03 July 2014

Lock up your emails and hide your bank details.

As many as 50,000 email account credentials are being used to steal banking details and turn target computers into malware distributors, according to security firm Seculert.

Cridex malware, also called Geodo, is said to spread itself through emails written in German - the aim being to steal sensitive data from financial groups such as Sparkassen-Finanzgruppe.

Aviv Raff, CTO of Seculert, said: "Geodo can compromise the intellectual property of a corporation, putting its business and reputation at risk.

"This new email worm capability displayed by Geodo serves to further emphasise the growing threat of advanced malware to today's enterprises."

Once installed, Geodo downloads another piece of malware, which then communicates with a command and control (C&C) server before sending out emails containing the virus disguised as a PDF.

Almost half of the stolen credentials were from Germany, with another quarter originating from around Europe, though the source of the account information is not known.
