Picture of mobile phone running fintech app

Fintech: Open Access research exploring new frontiers in financial technology

Strathprints makes available Open Access scholarly outputs by the Department of Accounting & Finance at Strathclyde. Particular research specialisms include financial risk management and investment strategies.

The Department also hosts the Centre for Financial Regulation and Innovation (CeFRI), demonstrating research expertise in fintech and capital markets. It also aims to provide a strategic link between academia, policy-makers, regulators and other financial industry participants.

Explore all Strathclyde Open Access research...

Understanding the threat of banking malware

Etaher, Najla and Weir, George (2014) Understanding the threat of banking malware. In: Cyberforensics 2014 - International Conference on Cybercrime, Security & Digital Forensics, 2014-06-23 - 2014-06-24, University of Strathclyde.

[img]
Preview
PDF (EtaherWeir-CFC2014-understanding-banking-malware)
8_etaher_weir.pdf
Preprint
License: Creative Commons Attribution-NonCommercial 4.0 logo

Download (414kB) | Preview

Abstract

Malware is a general term for all malicious and unwanted software. Such software poses a major security threat to the computer and Internet environment. As an increasing number of people use the Internet in their daily life, inevitably users become subject to malware threats. In the field of digital forensics, malware analysis has become a significant discipline. Malicious software is becoming ever more common, but also continuously more profit driven, stealthy, and targeted, often organised by illegal associations. Furthermore, malware continues to evolve in its sophistication and there are several different types of banking malware that pose a very serious threat to bank customers. This paper presents an overview of techniques, issues, and examples from the area of malware detection. In particular, we describe Zeus as a case study in banking malware. The sophistication and adaptability of such malware presents a lasting and pernicious threat to end-users and organisations. Despite this danger, we argue that an understanding of the infection mechanism coupled with circumspect behaviour on the part of the end-user can contain such malware threats.