Around 8000 net bank customers in Denmark has been deprived to enter their own net banks lately. The reason is a virus according to F-Secure that has been targeted against Danish net bank customers.
The main task of the virus was to take control over the customers card transactions and let the men behind the scene empty the accounts for money. There is no information about whether money is lost during this attack or not. The banks have closed several accounts in order to minimize any risks in this case.
The security company F-Secuer has identified the Trojan as Trojan-Banker.Win32.MultiBanker but there remains to make a cure against these.
The Trojans identified in this case were difficult to detect and complicated in construction, as they have used rootkit technology and the consept they have used to sniff information is called Man-in-the-Browser technique.
The way it works is that the Trojan modifies the victims behaviour in true time like in a bank transactions. The method is described as very complicated and expensive routine. Unfortunately we will see more of these types of attacks in the future and the banks will need to ensure more safe routines and methodologies to ensure customers security online as well in other electronic transactions they are involved in.
The challenge is big, however, it remains to see whether the banks will make available enough resources and efforts to solve these issues or not.
At the moment it looks like internet based services are not safe for the users and caution is advised using these at the moment.