Malware infects three-quarters of the world's top banks

File this story in the "Who do you trust with your money?" category.

Eighteen of the top 24 banks in the world have malware problems, security firm Lookingglass said on Wednesday. Even three-year-old worms that have long had patches and fixes to address them continue to infect the PCs of banks, including Conficker, which was found (gasp) in the IT deployments of 10 of the top 24.

Other viruses and malware of note found on these computers included DNS Changer, Gameover Zeus, BlackHole Exploit Kit, and Fake AV, among others, the security firm says.

It is not clear what the extent of infection is, or how it may be affecting bank customers. "We don't have evidence that the infected systems are actively infecting other systems, but most of the types of malware involved are designed to infect as many other hosts as possible", chief scientist Jason Lewis tells BetaNews.

"There is a strong likelihood that the computers in question have infected other hosts", he continues. Lewis would not identify the banks in question, saying Lookingglass wanted to give these institutions time to address the problem.

Reinfection is also an issue. While these banking institutions apparently attempt to address their virus problems, the issues continue to come back due to unclean portions of their networks affecting cleaned areas. This could be due to large companies by nature being slow to apply updates and important patches that would otherwise close the holes malware exploits in order to spread itself, Lewis tells us.

"If hosts are cleaned, but not patched and nothing further is done to prevent reinfection, an endless loop occurs. Just cleaning a malware infection is not enough -- steps to prevent further exploits have to occur", he explains. "In some cases, the operating systems involved no longer have support from Microsoft, which means they will never be protected".

The latter is an obvious reference to the enterprise's insistence on hanging on to aging platforms. Take, for example, Windows XP: while Microsoft still issues security updates for the platform and will do so through 2014, it's likely many of these companies will continue to use it well past that date, or have not updated to SP3, which is necessary to receive those updates.

Or even Windows Server 2003, which is no longer supported. Again, if the customer is not on the newer R2 version, they're unprotected too.

"The biggest take away from this research is that no one is safe", Lewis concludes.

So here's the big question: if the banks have such a serious malware problem, is our financial data really that safe? Enterprising attackers likely already know this, and may have already exploited these holes to their advantage.

Photo Credit: Oxlock/Shutterstock

4 Responses to Malware infects three-quarters of the world's top banks

  1. bourgeoisdude says:

    Ummm...Windows 2003 non-R2 is under the same extended support as the R2 version (assuming it runs SP2). We still have a couple of non-critical functions on plain-Jane Server 2003 Standard SP2.

    That said, it is sad that banks still have Conficker worm infections, sounds like they aren't even trying to stay secure. Throw in any modern firewall with basic AV/Content filtering package and that wouldn't happen. How can any modern business, much less bank, not be using a decent firewall or updated antivirus products?

    • Tenoq says:

       Pretty sure it falls under the "too hard, too expensive" basket. Despite making record profits every year (well, our local banks are anyway) apparently there isn't enough funding for adequate IT investment.

      The real problem IMHO is that consumers have no choice about using big banks.  It's extraordinarily difficult to live without a bank account... unless you spend your life busking/bumming cash jobs. :p

  2. nilst2011 says:

    Maybe the banks themselves are behind this malware thing to earn some more money. They usually do everything they can to suck the last money out of their customers.... I have NO trust in banks anymore !
