New OddJob banking Trojan keeps users logged in while draining accounts

This is bad news, if you happen to get infected with this one:

A new banking Trojan seizes browser session ID tokens to keep users logged into their accounts long after they think they’ve logged off. The malware sends data to remote servers in real time, enabling cybercriminals to stealthily hijack a browsing session and gives them plenty of time to funnel money out of accounts.

Called OddJob, it has been traced to cybercriminals in Eastern Europe and has been detected in attacks on customers in the United States, Poland and Denmark. Researchers at security vendor Trusteer Inc. and law enforcement investigators have been monitoring the Trojan for months, said Amit Klein, Trusteer’s chief technology officer. In an interview with SearchSecurity.com, Klein said the Trojan was detected as part of a fraud investigation initiated by a bank. So far investigators have detected fraud connected to OddJob at more than three dozen banks, Klein said.

via New OddJob banking Trojan keeps users logged in while draining accounts.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s