Spanish Police Arrest Banking Malware Suspect

Uploaded on 2017-02-03 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Financial

Spanish police have arrested a Russian programmer suspected of developing the Neverquest banking Trojan, a malware targeting financial institutions across the world.

The 32-year-old Russian citizen known as Lisov SV was arrested at the Barcelona airport, Spain's law enforcement agency Guardia Civil said recently.

The FBI had been working with Spanish authorities to track down the suspect through an international arrest warrant, according to a statement from the agency. The FBI, however, declined to comment on the man's arrest.

Neverquest is designed to steal username and password information from banking customers. Once it infects a PC, the malware can do this by injecting fake online forms into legitimate banking websites to log any information typed in. It can also take screenshots and video from the PC's desktop and steal any passwords stored locally.

Once the credentials are stolen, Neverquest can use the infected PC to secretly log back into the customer's online banking account. It can then access the victim's funds and transfer the money out.

In 2013, antivirus vendor Kaspersky Lab discovered the malware being advertised in black market forums. It's since been found preying on the banking sites of 100 to 200 financial institutions, and it has features built in making it hard for security researchers to track.

Spanish authorities said the malware has resulted in financial losses from victims of about US$5 million. Lisov is suspected of creating NeverQuest and then using servers to administer the malware.

One such server contained files with millions of stolen login credentials from financial website accounts.

The arrested suspect’s full name is Stanislav Lisov, according to Russian news agency TASS, and he was arrested alst month. Russian diplomats have sent a request to Spanish authorities to learn more about the charges against Lisov.

If Lisov is indeed behind Neverquest, his arrest may stop or slow down the malware's spread. Last August, IBM Security said Neverquest was the most active financial malware in the world.

Computerworld:        

2017 Tech Trends: 'A Major Bank Will Fail':           Emerging Details Of Cyber Assault On A Major UK Bank:

 

 

« New Technology To Really Close The US / Mexican Border
Business Can Minimise Cybersecurity Risks And Drive Profit »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

SecureAuth

SecureAuth

SecureAuth delivers cutting edge identity and information security solutions for cloud, mobile, web, and VPN systems.

Mitol PerfectBackup

Mitol PerfectBackup

Mitol PerfectBackup provide Enterprise Online Backup, Disaster Recovery and Cloud Computing Services.

Equilibrium Security Services

Equilibrium Security Services

Equilibrium Security Services is a specialist cyber security company providing a full spectrum of IT security solutions from consultancy to design & implementation and managed security services.

Industrial Cyber-Physical Systems Center (iCyPhy)

Industrial Cyber-Physical Systems Center (iCyPhy)

The goal of iCyPhy is to conduct pre-competitive research on architectures and design, modeling, and analysis techniques for cyber-physical systems.

Solana Networks

Solana Networks

Solana Networks is a specialist in IT networking and security.

ThreatSTOP

ThreatSTOP

ThreatSTOP is a cloud-based automated threat intelligence platform that converts the latest threat data into enforcement policies to stop attacks before they become breaches.

Sera-Brynn

Sera-Brynn

Sera-Brynn is one of the highest-ranked, pure-play cybersecurity compliance and advisory firms in the world.

4Stop

4Stop

4Stop is a global KYC, compliance and anti-fraud risk management company.

Allied Telesis

Allied Telesis

Allied Telesis delivers the secure, flexible, and agile solutions needed to meet the expectations of any industry’s critical mission.

Saporo

Saporo

Saporo helps organizations increase their cyber-resistance. Continuously map your attack surface and get the recommendations you need to make your organization more resistant to attacks.

Feroot Security

Feroot Security

Feroot Security secures client-side web applications so that businesses can deliver a flawless user experience to their customers. Our products help organizations protect their client-side surface.

Mitigate Cyber

Mitigate Cyber

Mitigate Cyber (formerly Xyone Cyber Security) offer a range of cyber security solutions, from threat mitigation to penetration testing, training & much more.

Vaultree

Vaultree

We believe in an encrypted tomorrow. Vaultree technology enables a foundational change in how we communicate with each other: Safely!

SecurEyes

SecurEyes

SecurEyes is a leading cybersecurity firm that provides specialised services, including cybersecurity assessments, managed services, and governance risk and compliance services.

Paperclip

Paperclip

Paperclip provides paperless solutions while enabling compliance and security for the exchange of critical content.

Blockfence

Blockfence

Blockfence are a seasoned crew versed in enterprise-grade cybersecurity and crypto, on a mission to collaboratively shape the future of Web3 security.