Trojan writers target U.K. banks with botnets

Cybercriminals are building country-specific botnets to target U.K. bank customers with dedicated malware, security company Trusteer Ltd. has reported.

The company identifies two pieces of malware -- the previously undetected Silon.var2 and the longer-established Agent.DBJP -- as the two bank Trojans being distributed by Zeus-based botnets using U.K.-infected PCs.

Silon.var2 now affects one in every 500 U.K.-based PCs connected to the Trusteer Flashlight system; that's 40 times higher than the rate of Silon.var2 infections detected in the U.S., according to Trusteer. Meanwhile, the security firm reports that Agent.DBJP affects one in every 5,000 U.K.-based PCs; again, that's a far higher rate of infection than Trusteer has detected in the U.S.

It's not clear whether these infection rates are partly a quirk of the Trusteer customer base, but it is clear that country-specific malware is now a defined strategy for the banking Trojan botnets, with the U.K. high on the hit list.

Although country-specific malware can apply to any country, the motivation for attacking banks and their customers in this way is to make detection harder. Global Trojan campaigns are easier to spot.

:story: Full story: Computerworld