Collaboration between RSA Security and Panda Software Assists in the Shut Down of several websites creating and selling malware targeting global financial institutions
In a joint effort between RSA Security Inc., a leading provider of online security and anti-fraud solutions, and Panda Software, the companies detected and assisted in the disabling of several websites related to a complex system for creating and selling ? la carte Trojans that could be used for espionage and theft of confidential personal and financial data. As a result of Panda Software’s and RSA Security’s efforts the web pages that offer these Trojan services are now inaccessible to hackers trying to use the system.
RSA Security’s expertise and innovation in neutralizing fraud threats as they emerge – which it gained as part of its acquisition of Cyota in 2005 – enables businesses to proactively protect themselves from phishing, pharming and other types of emerging threats.
Panda Software’s TruPreventTM Technologies detected a new Trojan, called Trj/Briz.A, which was previously unknown to security companies. When the PandaLabs experts began an in-depth analysis on the code of this Trojan, they noticed certain peculiarities that led them to the scam which has now been dismantled. Given the seriousness and sophistication of the attack, Panda Software contacted RSA Cyota’s 24*7 Anti Fraud Command Center, which implemented its process to disable the web pages involved by contacting the ISPs hosting the site and identifying it as a source of these illicit Trojan services.
Due to this combined effort, three websites selling Trojans were shut down by the ISPs hosting them, as well as two others on which hackers could see information about infections caused by their malware.
According to Luis Corrons, director of PandaLabs: “The collaboration between RSA Security and Panda Software has been key to rapidly dismantling these dangerous websites for creating and selling targeted malware. Thanks to this it has been possible to make the necessary changes to make all sites involved inaccessible.”
“In the rapidly evolving world of online fraud, it is critical to have industry collaboration and knowledge sharing such as Panda Software and RSA Security demonstrated in this complex and sophisticated case,” stated Chris Young, senior vice president and general manager of RSA Cyota Consumer Solutions. “We are determined to keep our global financial institution customers one step ahead of the fraudsters; strategic partnerships and collaboration such as this expands our reach and enhances our ability to respond rapidly and decisively as new attacks emerge.”
The creator of this system offered hackers the chance to generate ? la carte Trojans that could be used to foil traditional security solutions and targeted attacks, i.e. attacks on specific users of specific financial institutions in the UK, Spain and more. In addition, buyers would receive a system for monitoring the status of the infections caused, providing them with a large quantity of data about the infected computers: IP addresses, passwords and even the physical location of the computers.
“This case highlights the need for proactive technologies that can detect malicious code without signature files. Had it not been for TruPreventTM Technologies, the system for creating Trojans that has now been dismantled could have been operating with impunity for a long time,” adds Corrons.
About RSA Cyota Consumer Solutions
RSA Cyota Consumer Solutions, a division of RSA Security, offers proven solutions for online banking and e-commerce that range from adaptive authentication – with risk-based technology, one-time-passwords and transaction-signing – to anti-phishing services and real-time transaction monitoring that controls fraud and manages risk. The company’s eFraudNetworkÃ¢â€ž? community is the world’s most effective cross-bank collaborative online fraud network. Today, many of the world’s top 50 banks, including nine of the top 12 banks in North America and the UK, use RSA Cyota solutions to protect over 430 million consumers.
About RSA Security Inc.
RSA Security Inc. is the expert in protecting online identities and digital assets. The inventor of core security technologies for the Internet, the company leads the way in strong authentication and encryption, bringing trust to millions of user identities and the transactions that they perform. RSA Security’s portfolio of award-winning identity & access management solutions helps businesses to establish who’s who online – and what they can do.
With a strong reputation built on a 20-year history of ingenuity, leadership and proven technologies, we serve approximately 20,000 customers around the globe and interoperate with more than 1,000 technology and integration partners. For more information, please visit www.rsasecurity.com
About Panda Software
Panda Software (www.pandasoftware.com) is a leading developer and provider of integrated security solutions to combat viruses, hackers, Trojans, spyware, phishing, spam and other Internet-borne threats. With the revolutionary TruPreventTM Technologies, Panda Software’s innovative solutions offer a greater return on investment, keeping clients protected even against new threats that have yet to be identified. PandaLabs, the fastest laboratory in the industry to provide complete updates to users, offers a worldwide response to malware 24 hours a day, 7 days a week, all year round.
Panda Software’s centrally-managed security solutions protect servers, and gateways and all network entry points, ensuring a straightforward and highly effective line of defense against Internet threats for large organizations, SMBs and consumers. Panda solutions are backed by a team of expert support technicians in all countries where the company is present. Tech support services are available 24 hours a day, seven days a week.
For more information and evaluation versions of all Panda Software solutions, visit our website at: http://www.pandasoftware.com/