London police have arrested a man in connection with attacks carried out by the state-of-the-art Tilon banking Trojan, it has been announced.
The Police Central eCrime Unit (PCeU) and the Serious Organised Crime Agency (SOCA) were both involved in the detention of the unnamed 36-year-old on conspiracy to defraud and drug offences at an address in South Croydon.
"The arrested man has been taken to a south London Police Station where he remains in custody. His computers and digital media have been seized for examination by the team's digital forensic investigators," said police.
As has become standard for such arrests, the police haven’t elaborated on the exact nature of the offences, but Tilon is an interesting example of man-in-the-browser (MitB) malware.
According to Israeli banking security firm Trusteer, which discovered and named it, Tilon is a development of an earlier piece of malware, Silon, from 2009.
Stealing credentials from within sessions on a number of browsers, Tilon emerged with an uncanny ability to evade antivirus software, Trusteer said.
These anti-detection tricks included the ability to refuse to install on a virtual machine (to confound researchers), a design that made it hard to de-install, and rapid mutation.
Banking Trojans have become an everyday issue for UK consumers, with reports of Tilon bank thefts appearing in small numbers on security forums late last summer. The banks themselves offer no official numbers on victims.
In October 2013, the UK’s new National Crime Agency (NCA) will commence operations, combining the work of SOCA and the PCeU.