Pinch Trojan still bypassing anti-virus

Feeling the Pinch?

A piece of malware called Pinch is creating havoc and bypassing major anti-virus software, despite the creators being arrested by the Russian police more than a year ago.

The Pinch malware creation tool allows cyber-criminals to create tailored Trojans that can hijack email, ICQ and other sensitive data.

However, although the alleged creators – named as Ermishkin and Farkhutdinov – were arrested back in 2007, the code for their malware was leaked onto the net.

Still alive

The creation kit is still in use, and anti-malware company Prevx has discovered that variants of the Pinch Trojan are still defeating major AV software from the likes of Symantec, McAfee, Kaspersky and AVG.

"What is really interesting here is that despite the original creators being arrested more than a year ago - their legacy lives on online," Jacques Erasmus, Prevx's director of Malware Research, told TechRadar.

"This just goes to show that even the most seemingly obsolete piece of malware needs just a few tweaks by someone with a bit of programming knowledge to completely disguise it from traditional signature-based anti-virus.

"If these people had been running a complementary piece of software which doesn't work on signatures, their credit card details, passwords and other personal data wouldn't have been in the hands of criminals."

Prevx's own data shows around 4,000 people are being affected per day from just one variant of the Trojan.

The revelation does raise questions about how anti-malware scanners cope with programs that make it easy to produce variants - with Pinch unlikely to disappear any time soon.

Patrick Goss