Norman Warns of SpyEye Banking Malware Vulnerability

Users of Online Banking Services Are At Risk

Mar 08, 2011, 09:19 ET from Norman Data Defense Systems

OSLO, Norway, March 8, 2011 /PRNewswire/ -- Norman, a leading security company offering products protecting government and enterprise networks and consumer desktops, today announced that its researchers have identified an emerging trojan malware variant of SpyEye that targets specific online banking applications.

SpyEye is a malware toolkit that has become increasingly popular over the past few months and is similar to the widely-used Zeus malware that has caused hundreds of thousands of costly infections globally. These malware tools cause attacks called "man-in-browser" because, like trojans, they infect web browsers and modify pages and transactions to steal valuable personal secrets such as Social Security numbers, banking logins and passwords, credit card data – even complete identity profiles stolen from autofill applications.

A consumer or enterprise user may pick up the malware while innocently browsing thousands of infected popular web sites. SpyEye waits for the user to access on online banking account before activating.

"Norman, working in early February with several banks in Norway, identified a specific variant of SpyEye that criminals have recently developed," said Einar Oftedal, director of Malware Detection. "This variant has also targeted other banks in Europe and Asia. It could easily be modified to work against any bank in any country. Online banking users in Europe and North America should be very vigilant to guard against this online risk."

This particular variant of SpyEye targets only the initial login field on a bank's legitimate web page, capturing login and password information and rapidly and illegally transferring money until the application times out in about 20 seconds. All Norman antimalware solutions for consumers, the enterprise and government users have detection for this trojan and any attempt at infection will be blocked.

Norman has created a free specialized malware cleaner that can be downloaded to repair infected software. To download this free SpyEye cleaner, go to:, or to the specifically identified Norman link available for many local markets including many EU countries.

About Norman ASA

Founded in Norway in 1984, Norman ASA is a global leader and pioneer in proactive content security solutions and forensics malware tools. Norman's proactive antimalware solutions, including malware analysis tools, network security and endpoint protection, are powered by patented Norman SandBox® technology and used by security solutions providers around the world.

Norman's unified core antimalware protection for clients, servers and network security are delivered as products and services designed to protect business communications and resources, including corporate and government networks and applications, remote employees, branch offices and extranets. Norman's solutions are available through Norman subsidiaries and a network of global partners. For more information, visit

For additional information:

John Callahan



SOURCE Norman Data Defense Systems