Potential Trojan attack on SAP systems feared

A Russian antivirus company said a new variant of a Trojan program is seeking out computers that have SAP AG client installations suggesting that cybercriminals may be planning to launch future attacks on systems using the enterprise business operations software.

The malware is a variant of a Trojan program that targets online banking accounts, according to Doctor Web, a security software maker that discovered the virus some two weeks ago. The company has since shared its findings with ERPScan, a developer of business application security products particularly for SAP systems.

Alexander Polyakov, chief technology officer of ERPScan, said they have analyzed the Trojan and have determined that it is designed “to check which systems have SAP applications installed.”

Typically, he said, malware that conduct such scoping functions is an indication that attackers intend to sell access to those infected machines to other cybercriminals or they themselves intend to launch an attack later.

Polyakov said this is the first malware targeting SAP client software he has seen that was not developed by proof-of-concept researchers but rather by cybercriminals.

While some stolen credentials may provide attackers with limited system access, there are many default administrative credentials that have not been changed by companies.

Attackers that gain access to SAP servers may be able to steal customer information, collect proprietary information or corporate secrets or they can steal money from a company by creating and approving rogue purchases or by redirecting customer payments, he said.

Attackers could also launch denial-of-service attacks against a firm’s SAP servers to disrupt operations.

Read the whole story here

Nestor E. Arellano
Nestor E. Arellano
Toronto-based journalist specializing in technology and business news. Blogs and tweets on the latest tech trends and gadgets.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web