Security experts have discovered that a new strain of the Bugat malware has been developed by cybercriminals to target small and medium sized businesses with data theft attacks that can leave them exposed to financial fraud.
Bugat was originally unearthed in early 2010 and was noteworthy for its similarity to the ZeuS botnet tools. However, thanks to swift action by security firms, it was neutralised before it could get a foothold.
Now it seems that criminals have revived Bugat but altered its coding so that it is much harder to detect its presence and neutralise its effects. The result is a serious threat to businesses and Trusteer has even found links between the malware and the recent spate of attacks against users of business-based social networking site LinkedIn.
If the Bugat malware makes its way onto a computer it is able to burrow into any web browser programs, including Internet Explorer and Firefox. From here it will monitor the browsing habits and then harvest data whenever the user accesses their online banking service, passing on this extremely sensitive and valuable information to be used in defrauding firms.
Trusteer believes that significant losses could result from this new form of the Bugat malware. It also says that the chance of infection is three times higher for businesses based in the US, but warns that European businesses should still remain vigilant in order to keep completely out of harm’s way.
Trusteer’s Mickey Boodaei said that by altering and ameliorating the capabilities of malware such as Bugat and ZeuS, the cybercriminal factions are becoming better at evading the protection offered by security software.
Mr Boodaei even went as far as to call the battle with criminals an ‘arms race’ and said that the latest tactics seemed to suggest that many are abandoning the use of mainstream, well known malware, in favour of more uncommon variants, which gives them a higher chance of successs.
The data harvesting carried out by various botnets and malware programs is seen as a serious issue by most and businesses are advised to keep their security software up to date in order to stand the best chance of avoiding infection.
