Virgin Media has sent letters to about 1,500 of its broadband customers warning that their systems are infected by the SpyEye Trojan, which steals banking data.
The letters follow on from an investigation by the Serious Organised Crime Agency (SOCA) which uncovered IP addresses of infected systems. SOCA handed the IP addresses over to Virgin Media which identified a number of its customers among those affected.
Virgin Media previously used written notifications to alert users to the risk posed by the Zeus Trojan last year.
In the letters Virgin Media emphasised the seriousness of the risk from SpyEye and urged customers to update their security software. Customers also have the option of signing up for a help service, using which Virgin Media can remotely identify and eliminate problems.
Virgin Media said customers need increasingly more direct warning methods as the importance of broadband grows.
“Cyber crime is on the rise and the increasing sophistication of malware infections means that all Internet users could be at risk with devastating effects,” said Jon James, executive director of broadband at Virgin Media, in a statement.
SOCA said it isn’t enough for users to rely on service providers to help them.
“It is equally important for consumers to protect their finances and personal information by ensuring their computers are equipped with up-to-date security software,” said Lee Miles, SOCA’s head of cyber, in a statement.
SpyEye works in stealth mode, is invisible from the task manager and other user-mode applications, hides the files from the regular explorer searches, and also hides its registry keys. It can grab data entered in a web form and automates getting money from stolen credit cards.
In April British police arrested three alleged members of the SpyEye gang. Security researchers consider SpyEye, a banking Trojan that harvests victims’ personal credentials, the de facto successor to the Zeus Trojan.
Two of the men were charged on 8 April, but the third man was released on bail on the condition that he return for further questioning in August, police said. Pavel Cyganoc, a Lithuanian living in Birmingham, England, and Aldis Krummins, a Latvian living in Goole, England, were both charged with conspiracy to defraud and concealing the proceeds of crime.
Cyganoc was also charged with conspiracy to cause unauthorised modifications to computers, police said.
The Police Central e-Crime Unit, a specialised group within Scotland Yard, made the arrests “in connection with an international investigation into a group suspected of utilising malware to infect personal computers and retrieve private banking details”.
Along with the arrests, police also seized computer equipment and data. The investigation is still ongoing.
Last November researchers said the developers behind the Zeus and SpyEye Trojans had joined forces to create one major botnet, with sophisticated capabilities to attack user bank accounts.
All Cybertrucks manufactured between November 2023 and February 2025 recalled over trim that can fall…
As Musk guts US federal agencies, SEC issues summons over Elon's failure to disclose ownership…
Moonshot project Taara spun out of Google, uses lasers and not satellites to provide internet…
Pebble creator launches two new PebbleOS-based smartwatches with 30-day battery life, e-ink screens after OS…
Amazon loses appeal in Luxembourg's administrative court over 746m euro GDPR fine related to use…
Nvidia, xAI to participate in project backed by BlackRock, Microsoft to invest $100bn in AI…
View Comments
Whatever happened to the old "fair cop gov, you've got me bang to rights" English criminal?
Comment sent from Nigel Hawthorn, Blue Coat Systems:
“It is pleasing to see that Virgin Media is taking action and proactively notifying their customers of Virus’s on their PC’s, but interesting to note the means in which they did so. Sending letters to customers rather than emails seems to be an odd response to such a serious situation that could see customers bank accounts compromised. With a malicious virus such as this, the user could be a victim at any time and the delay in sending and actioning a letter leaves them open to serious attack.”