Home
Internet
Internet News
New Trojan Targeting Banking, Personal Information in India: CERT In

New Trojan Targeting Banking, Personal Information in India: CERT-In

By Press Trust of India | Updated: 27 July 2015 13:27 IST

Cyber-security sleuths have alerted Indian Internet users about the destructive phishing attacks by a new malware which could compromise personal email and banking-related data.

The malware, identified as 'Golroted', belongs to the deadly 'Trojan' category of computer viruses which is characterised by its smart capability of masking its original content and looking genuine.

"It has been reported that variants of a new malware family, dubbed as Golroted, having spyware functionalities are spreading. These malware typically spread through spear phishing mails having attachments as zipped archives or Microsoft Office document exploits or via removable drives," the Computer Emergency Response Team of India (CERT-In) said in a latest advisory to domestic Internet users.

CERT-In is the nodal agency to combat hacking, phishing and to fortify security-related defences of the Indian Internet domain.

The agency said once the malware infects a system successfully, it is capable of stealing Personal Identifiable Information (PII) from the affected machine that includes computer name, local date or time, Internet Protocol address, installed security software, among other private and sensitive system details.

The malware is notorious for undertaking specific attacks with regard to banking and financial transactions, ultimately leading to loss of funds kept in the bank account.

"Golroted is reported as targeting banking sites, online payment sites, email accounts, social networking sites among others. The stolen information is ex-filtrated to a pre-configured File Transfer Protocol server/web panels or to email addresses as attachments," it said.

The agency said at least two aliases or pseudo-identities of the said malware have been detected till now.

"The spyware is capable to log key strokes, capture screen shots, scrap web browsers for saved passwords, browsing history etc," it said.

The agency has suggested some countermeasures in this regard.

Do not allow administrative access to systems, with the exception of special administrative accounts for administrators, do not download or open attachment in emails received from untrusted sources or unexpectedly received from trusted users, do not visit untrusted websites and enable firewall at gateway or desktop level.

The agency also said that vulnerable systems that the malware could target should install and scan anti-malware engines and keep them up-to-date.

Do not follow unsolicited Web links or attachments in email messages, limit or eliminate the use of shared or group accounts, turn off file sharing if not needed and disable "save credentials" feature in browsers, are some of the counter-combat measures suggested by the agency.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.