Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

SpyEye Trojan Affects Virgin Broadband Customers

Trusteer : 21 June, 2011  (Technical Article)
Trusteer advises internet lockdown strategy by ISP to contain SpyEye infections found on a number of client computers

Virgin Media has announced that the Serious Organised Crime Agency has identified around 1,500 Virgin broadband customers as having computers infected with the infamous SpyEye trojan. As a result, this may be time, says Trusteer, to consider a partial lockdown of these lines, until the owner can prove their machines as having been disinfected. 


According to the in-browser security specialist, whilst the pro-active nature of the SOCA investigation into the Virgin users' systems may be viewed as invasive by some observers, there is a strong reason for all ISPs to work with law enforcement and security professionals in a similar way. In addition, says Amit Klein, Trusteer's chief technology officer, there is an equally strong case for blocking all traffic, and for HTTP traffic to display a message saying "your machine is infected, please contact Virgin ....


"This would ensure that most of the affected users would be on the phone to the Virgin helpline in double-quick time. And it would also help to minimise the financial losses that these poor customers would experience if they had to wait until the ISP wrote to them – assuming they opened the letter of course," he said. "The problem with simply writing letters to the affected line owners is that they may be landlords, and it is their tenants that need to be advised of the serious security problem", he went on to say.


Klein argues that an internet lockdown strategy would serve the dual purposes of alerting users on the broadband circuit that there were serious security problems and so force them to call in, as well as helping to prevent further potential losses to cybercriminals as a result of the infections.  Even if only one of the 1,500 SpyEye infected users of Virgin's network were stopped from leaking their credentials to the cybercriminals, he says, the steps taken would have been worthwhile.


"Virgin's actions, as well as those of SOCA, are to be applauded. More than anything, this brings home to the UK's Internet-using community in the UK the sheer scale of the SpyEye infection problem," he said. "This is one strain of an infection on one single ISP's network. On this basis, we could be looking at potential trojan infections measuring well into five figures – or more - across the UK as a whole.  To protect people from financial malware such as the SpyEye Trojan, I recommend installing browser security solutions, which are available for free from many of the UK banks," he added. 

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo