The threat is designed to disable Trusteer's security solution

Nov 13, 2013 15:14 GMT  ·  By

Numerous banks are advising their customers to install Rapport – a security solution from Trusteer – on their computers to protect online transactions against cyberattacks. 

Researchers from Trend Micro have identified a variant of the Sinowal malware that’s designed to disable Rapport, while a version of ZeuS, the notorious banking Trojan, is downloaded.

Zeus is designed to inject phishing pages into online banking sessions to trick users into handing over their personal and financial information. However, Rapport blocks these man-in-the-middle attacks. That’s why cybercriminals are using Sinowal to disable Rapport first.

The attack starts with a malicious email that carries the BKDR_ANDROM. Once it infects a device, Androm downloads and executes Sinowal and ZeuS.

Fortunately, the Sinowal variant in question is not capable of disabling Trusteer’s product. However, this shows that cybercrooks are coming up with all sorts of techniques to increase their chances of success.