Backdoor malware hits clearing house clients

A backdoor malware is threatening to steal credit card details of clients of Automated Clearing House (ACH) by fooling them into opening an email attachment claiming to be a payment receipt.

 

Security vendor Bitdefender said the fake payment receipts are part of what it called "a rising wave" of spam emails targeting credit card data.

 

"This is not the first time ACH users are targeted by malware. In November 2011, a bank refusal e-mail came loaded with a Trojan unleashed by a fake flash.exe update. Bogus ACH failure notifications have also been used to spread a variant of the ZeuS banking Trojan," Bitdefender said in a blog post.

 

Bitdefender said ACH is an electronic network frequently used for financial transactions in the United States. It processes large volumes of credit and debit transactions in batches.

 

Investigation showed the spam email claims a wire transaction has been completed, and that a certain amount has been successfully transferred.

 

"If the transaction was made by mistake please contact our customer service. Receipt on payment is attached,” it quoted the spam e-mail as saying.

 

But Bitdefender said clicking on the archive with the fake PDF attachment infects ACH clients with the "Backdoor.Agent" malware.

 

This gives cyber-criminals access to their system and network resources, it said.

 

"Banking details are also targeted by attackers, who are able to catch keystrokes without users’ consent," it added.

 

For now, Bitdefender said its software can block Backdoor.Agent and protects users’ privacy and personal information.

 

However, it advised users to keep their software, operating system and antivirus updated, and avoid running executable files that claim to be updates or PDF files. — TJD, GMA News