“A relatively unknown data-stealing Trojan horse program that has claimed more than a quarter-million victims in the span of a few months aptly illustrates the sophistication of modern malware and the importance of a multi-layered approach to security,” Brian Krebs reports for The Washington Post.
“When analysts at Sterling, Va., based security intelligence firm iDefense first spotted the trojan they call ‘Tigger.A’ in November 2008, none of the 37 anti-virus products they tested it against recognized it. A month later, only one – AntiVir – detected it,” Krebs reports.
“That virtual invisibility cloak, combined with a host of tricks designed to elude forensic malware examiners, allowed Tigger to quietly infect more than 250,000 Microsoft Windows systems, according to iDefense’s read of log files recovered from one of the Web servers Tigger uses to download code,” Krebs reports.
“iDefense analyst Michael Ligh found that Tigger appears designed to target mainly customers or employees of stock and options trading firms,” Krebs reports. “Among the unusually short list of institutions specifically targeted by Tigger are E-Trade, ING Direct ShareBuilder, Vanguard, Options XPress, TD Ameritrade and Scottrade.”
Full article here.