"The article examines the current state of malware attacks on clients of financial organizations, and methods for combating such attacks more effectively.
More often than not, the attacks on clients of financial organizations follow a well-trodden path: the search for a suitable victim and the infection of their computer, the theft of their online banking login credentials, followed by the subsequent withdrawal of the victim’s funds. ‘Drive-by’ downloads and botnet programs are usually responsible for the infections. It is with this kind of malware that the cybercriminals steal users’ money most readily, and they are constantly finding new victims. The numbers clearly show an exponential increase in the number of attacks on clients of banks and other financial organizations in recent years.
The cybercriminals are all too familiar with the update release process, from start to finish. They know all about the time it takes to update a database, and they are well aware that it is only a matter of time before their creations are detected. That is why they often choose the following plan of attack: they release a malicious file, then a few hours later when the antivirus programs have started to detect it, they launch a new attack with another of their creations, each time gaining a small window of opportunity a few hours wide — and so on, and so on.
This shows that the response time of most antivirus technologies, such as signature-based and generic detection, does not meet today’s needs. Furthermore, the security methods offered by financial organizations do not always resolve the problem of client fund losses in cases where Trojans are used." – Content courtesy of Crimeware: A new round of confrontation begins… – Securelist