Akamai: Surge in hackers using complex crimeware to drain money from online bank accounts

There is an increase in use of complex crimeware that gathers the passwords of online customers at specific banks and automatically transfer funds out of their accounts, according to Akamai’s security group.

The surge is being aided by a tool called Yummba webinject, which generates pop-ups – injects – during legitimate banking sessions that ask for usernames and passwords, says Akamai’s Prolexic Security Engineering & Response Team (PLXsert) in a threat advisory. The phony dialog boxes mimic the look and feel of the genuine bank Web pages with logos, colors and fonts used on the legitimate site.

To read this article in full or to leave a comment, please click here