SOCA warns broadband users over spy virus infections

June 17, 2011
Cyber Security, FedCyber Wire

via The Telegraph

Letters sent by Virgin Media to broadband customers offer instructions on how to remove the SpyEye Trojan and avoid further security threats.

The warnings are based on intelligence gathered by SOCA officers while investigating the cyber crime underground.

They collected lists of IP addresses – the internet’s closest equivalent to a phone number – that had sent data back to criminals. Virgin Media then matched the addresses against its customer records to identify customers infected with SpyEye. No customer information was passed to SOCA.

The virus, which affects Microsoft Windows systems, was first detected in 2009. It was advertised and sold to other cyber criminals by its author, known as “Gribodemon” or “Harderman”, on underground forums for as little as $500, allowing them to start stealing data and then money almost instantly.

Lee Miles, SOCA’s head of cyber, said he welcomed “steps taken within industry to utilise the information and resources provided by law enforcement and raise awareness of online safety”.

The collaboration with SOCA is an extension of a Virgin Media initiative launched last year that targets the Zeus Trojan, another virus which steals banking information. It uses IP address data from the Shadowserver Foundation, a non-profit group of computer security experts that track online threats.
