Behavioral Study of Malware Affecting Financial Institutions and Clients

Online users have been targeted by malware since the beginning of the web banking industry. In fact, malware is one of the main threats to the Information Security in financial transactions. Fueled by criminal money, malware designs continually become more sophisticated in order to carry out various fraudulent activities. In this paper, we study the behavior of malware affecting users of financial institutions. First, we conduct an experimental analysis of the malware targeting individuals' bank accounts. Then, we present a post experiment analysis that shows the different behaviors the malware on the infected systems. Malware has a strong effect on system files and registry values. They are further grouped with respect to their infection vectors and payloads. This paper also discusses the various protection mechanisms, which help in overcoming the damage caused by the malware as well as a list of early warning indicators to help in detecting malware at the earliest state.