Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.

Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire 24.com network.

Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.


Malware targets SA banking information

02 September 2013, 15:29 Duncan Alfreds

Cape Town - South Africans are exposed to cyber attacks designed to steal personal information, a security company has revealed.

These attacks are typical of those faced in the rest of the world, and banking information is particularly vulnerable.

"There are multiple malware attacks in South Africa which are common for the other regions as well. For example banking malware, drive-by-downloads and fake anti-viruses, which have all made an impact on the South African market," Mohammad-Amin Hasbini and Ghareeb Saad, GreAt experts at Kaspersky Lab told News24.

These attacks are largely aimed at accessing personal financial information that criminals can use to withdraw funds from the victims account or even use to clone an online identity.

Some malware is common in the South African internet network, Kaspersky said.

"The Worm.Win32.Mabezat, a file infecting worm which spreads to new computers when accessing an infected drive (including USB thumbs) or file share from a computer that supports the auto-run feature," said Hasbini about the common malware attacking SA machines.


The risk of this kind of malware is acute because of widespread sharing of data between home and business computers. Such malware could conceivably compromise corporate networks by being introduced when an employee inserts a USB flash drive into a computer.

Internet malware is also common and the purpose seems focused on compromising widely used Microsoft Office applications, said Kaspersky.

"The Trojan-Dropper.Win32.Dorifel, which is downloaded from the Internet through malicious websites or installed by a botnet infection called Citadel. Dorifel Trojan scans network shares and local (USB) connected drives for executables and Microsoft Office documents (Excel, Word) and replaces them with a new infected files," Saad said.

One of the primary delivery methods for malware around the globe is spam and the deceit often exploits user behaviour by getting people to click on links that install malware on computers.

A common scam involves an e-mail that offers a loan but the message is laced with a link designed to install malware on the user's computer.

Sars refund e-mails are also a common technique that relies on a user's behaviour gain access to financial information.

Once a computer has been compromised, the machine can be used in a botnet, or a collection of computers controlled remotely.

Local botnets

These can used to send out more spam, but they are also used to conduct attacks on corporate networks. Criminals typically attack networks and demand a ransom to call off the attacks which could cost a company millions of dollars.

Kaspersky said that it was difficult to estimate how many local machines were linked with a botnet.

"We don't have exact numbers on how many devices are controlled by botnets, however based on the Kaspersky Security Network (KSN), we can estimate that about a quarter of infected devices are botnet zombies and remotely controlled."

The antivirus company said that Gauteng is an attack hub in SA.

"Based on our research, Kaspersky Antivirus and Internet Security blocked more than 5.3 million network attacks and more than 70 000 malwares last year in South Africa, 65% of the threats were traced back to Gauteng."

- Follow Duncan on Twitter

- News24


Read News24’s Comments Policy

Comment on this story
Comments have been closed for this article.

Read more from our Users

Submitted by
Jayne Zack
I am in ODM to stay, Busia Depu...

Busia Deputy Governor Kizito Wangalwa told Deputy President William on the face that he was in the Orange Democratic Movement to stay. Read more...

Boda Boda operators in Bahati rai...

Motorbike Boda Boda operators from Bahati Sub county on Tuesday took to the streets of Nakuru’s CBD lamenting over what they term is harassment by patrol police officers in the area. Read more...

Submitted by
Gabriel Ngallah
Human Rights activist lives in fe...

The Human rights fraternity in Mombasa is currently living in fear after the home of one of the vocal human rights champion was invaded on Monday night. Read more...

Submitted by
kel wesh
Poisonous milk powder siezed by K...

The Kenya Revenue Authority has seized two containers with illegal milk powder which had been declared as gypsum board at Mombasa port. Read more...

Submitted by
William Korir
Be ready for protests, Raila warn...

Expect protests if meddling with Auditor General continues, Raila Odinga has said. Read more...

Submitted by
Kenya says will return to interna...

Kenya will return to international markets to borrow when it feels the time is right, National Treasury Cabinet Secretary Henry Rotich said on Tuesday. Read more...