Financial professionals targeted by sophisticated ‘keylogger’ malware

The good news is that financial institutions are better than other industries at preventing malware and other hacker threats, according to a new report from cybersecurity firm Lastline.

The bad news: that higher level of security is inspiring more sophisticated attacks.

Lastline’s analysis of malware samples found at all kinds of finance firms included an unusually large number of keyloggers, a type of malware that records keystrokes entered into a computer and sends username and password information out to a third party.

(More: Finra: Firms begin to heed cybersecurity, but have much to do)

Instead of phishing scams, which use a fake website page to convince victims to enter their information, keyloggers are programs downloaded, usually through an email attachment, and act in the background. Instead of information to one website, keyloggers can track every user name and password entered, and even gather answers to security questions.

Andy Norton, Lastline’s director of threat intelligence and author of the report, said one keylogger can result in 50 sets of stolen login credentials.

“Keylogging is more bang for the buck for the attacker,” Mr. Norton said.

In particular, financial institutions are being targeted by two keyloggers, Emotet and URSNIF, which were designed specifically to operate undetected in a firm’s technology, Mr. Norton said. These malwares, which infect a computer through a Microsoft Office document, can evade detection and hijack transfer payments.

“They are aware of a financial system’s back end,” Mr. Norton added. “The malwares are built to survive in an enterprise security network.”

Lastline’s analysis found that financial institutions faced 47% more malicious files than the global average, and 20% more of these advanced malwares.

(More: This is the No. 1 cybersecurity threat to financial advisers, experts say)

Mr. Norton’s advice to advisers is to not simply rely on the cybersecurity provided by their home office, but to educate employees and clients on how to be safe online. As with phishing scams and other cyber-threats, advisers and clients both have to be vigilant in which websites they visit, who they share information with, and what they download.

“If you understand what something is doing before you let it into your environment, you can have a higher level of resilience,” he said.

Related Topics: Cyber Attacks