Last week, security experts uncovered a Trojan horse--dubbed PWSteal.Refest by the security software maker--which installs itself through a pop-up advertisement when users log onto the Web sites of any one of nearly 50 targeted banks. The list includes major Australian banks like Westpac, St George Bank, Bendigo Bank and Hong Kong's Dah Sing Bank, as well as Citibank's portals in these two countries.
Once installed, the Trojan logs the keystrokes and passwords of its victims' computers and sends the data back to a Web site listed by the program's creators.
However, this ploy was foiled as the site which was meant to harvest the stolen information was quickly shut down, said Tim Hartman, Symantec Asia-Pacific's senior technical director.
"We don't know for sure where that Web site was hosted, but it's no longer available," said Hartman.
As a result, Hartman said the company did not receive any reports of information theft from its Asian customers, particularly those in the banking sector.
While the PWSteal threat appears to have been contained, its emergence reflects the trend of exploiting Internet Explorer (IE) loopholes to turn Web sites into avenues of malware dissemination.
Last month, IE flaws were blamed for two other hacking schemes, one that turned some Web sites into points of digital infection, and another that installed a toolbar on victims' computers that triggered pop-ups.
In response, Microsoft has advised users to set their IE security settings to the highest. The firm also released a patch for the IE vulnerability last Friday.
Winston Chai and Robert Lemos contributed to the story.
