PandaLabs discovers the theft of financial data from multinational companies

Given that this information could seriously compromise these companies, Panda is contacting each of them in order that they take necessary protective measures

The creator offered cyber-crooks the chance to buy customised Trojans, undetectable by traditional antivirus solutions, which could steal personal and confidential data

The best defence against this type of targeted malware lies in the use of proactive technologies such as TruPreventTM, which can detect new threats by scanning their behaviour and without dependence on updates

Banks, telecommunication companies, hotels, airlines and international betting services were among those affected by the creation and sale of Briz Trojans, a scam recently uncovered by Panda Software. These details have become apparent after the analysis of the data stolen by one of the customised Trojans on sale to cyber-crooks on certain web pages, and to which PandaLabs has had access thanks to the dismantling of the scam. The intercepted information includes economic and financial data that could seriously compromise numerous large companies. For this reason, Panda Software is contacting those affected to ensure that they take the corresponding measures to protect themselves and their clients.

Recently, Panda Softwareís TruPreventTM proactive technologies detected a new Trojan, Briz.A, which after detailed analysis by the experts at PandaLabs, revealed the existence of a complex system of creation and sale of la carte malware designed for stealing personal and confidential data, as well as going undetected by traditional antivirus solutions. After this, and thanks to the collaboration between RSA Security Ltd., a leading provider of online security and antifraud solutions, and Panda Software, several websites used as part of the scam were dismantled.

The information stolen by the Trojan was stored in 2033 files occupying 70.6 MB. Of these, 62 MB were text files, equivalent to 62,000 printed pages. The files were organised into folders corresponding to the nationality of each victim.

ìWe were surprised by the quantity of data that a single one of these Trojans was able to steal. The most worrying aspect is that we don’t know how many were generated or sold before the system was dismantled, and so the number of companies whose data is now in jeopardy could be very high,î explains Luis Corrons, director of PandaLabs. ìBear in mind that these Trojans are designed to slip past traditional security solutions, and only our proactive TruPreventTM technologies have been able to detect their existence. If one of these Trojans were installed on a computer that did not have this type of proactive technology, there would be no obstacle to its malicious activity.î

Unlike traditional security solutions, TruPreventTM technologies do not need to update in order to detect malware, as they analyse behaviour in order to detect unknown threats. ìThe sale of customised malware to cyber-crooks has now become a lucrative business model. This is not an isolated case and given the lure of financial gain motivating cyber-criminals, this type of scam is likely to proliferate in the short-term. This is why complementing traditional antivirus solutions with proactive technologies is no longer an option but a necessity,î says Corrons.