Cyber attack hits bank websites

Cyber attack hits bank websites

www.canada.com

In what is being billed as one of the most sophisticated cyber attacks to hit the Internet, a virus has been released that gets between computer users and their banking websites, giving thieves free rein to drain accounts and wreak financial havoc on their victims.

Dubbed the "Silentbanker," the virus is a Trojan horse computer users may unknowingly download by simply browsing the Internet. The first sign it's at work may be a bank notification warning their client has been a victim of fraud.

More than 400 banks - including some in Canada - have been targeted worldwide by the virus, which operates in many languages, said Symantec, a global security company tracking the progress of the Trojan.

(visit the link for the full news article)


Related News Links:
msmvps.com
www.symantec.com
www.spyware-techie.com

January 14, 2008 (Symantec Security Response Weblog) - "...Trojan downloads a configuration file that contains the domain names of over 400 banks. Not only are the usual large American banks targeted but banks in many other countries are also targeted, including France, Spain, Ireland, the UK, Finland, Turkey—the list goes on. The ability of this Trojan to perform man-in-the-middle attacks on valid transactions is what is most worrying. The Trojan can intercept transactions that require two-factor authentication. It can then silently change the user-entered destination bank account details to the attacker's account details instead. Of course the Trojan ensures that the user does not notice this change by presenting the user with the details they expect to see, while all the time sending the bank the attacker's details instead. Since the user doesn’t notice anything wrong with the transaction, they will enter the second authentication password, in effect handing over their money to the attackers... The configuration files for this Trojan currently contain over 200kb of data; however, new URLs and HTML are being added to the configuration files on a daily basis... We are currently monitoring all of the updates to this Trojan. The Trojan accesses the following URLs for configuration, updates, and to send stolen data:
• iloveie.info
• webcounterstat.info
• microcbs.com
• reservaza.com
• screensaversfor-fun.com
• mystabcounter.info
• 85.255.119.218
The Trojan also downloads a copy of Trojan.Flush.J, which changes the users DNS settings to the following attacker settings:
• 85.255.116.133
• 85.255.112.87

It was runoured that this virus was made by a professional programmer, maybe disgruntled. It is a matter of time till these virus's will mutate and adapt and will not be stopped. It is of great concern that this virus can make any website secure zone, well not so secure. Our false sense of security is now lost. Now where do i put my faith if not in the banks? The government maybe, lol.

www.canada.com
(visit the link for the full news article)

now , if they can get rid of my mortgage and car note!!

so true, now if they could make a useful virus like wiping out all dept in the country, man then watch the country economy boom. we could start all over and all go nuts. See that should be bushs plan, wipe out all dept by its citizens and then let them go nuts, money flowin every which way. A good in theory trojan. At least wishful thinking.

reply to post by kr0n1ck405


nah if they erased all the debt the prices on goods would skyroket to meet availability as people spend to much there would just be economical chaos, but thats something i wouldent mind seeing everyone justs starts over at zero what a wonderfull idea.

Not saying it is right to do but if the creator of this does like another I remember hearing about before it will only effect those who “have the money”. The case I am thinking of is the case of a cyber thief with some morals at least; he never stole from those who did not have enough money only those who had the big bucks of course they caught him because he was upsetting the rich people.

It is scary thought that someone could come in a wipe out an account of someone who is barely making ends meet anyway. People that steal from those sort of people should be beaten with a cat o nine tails then be bathed in a salt vinegar mixture while getting their finger nails pulled out with pliers.


I’d be pretty happy though if they got rid of my debts for me though. But if that were to happen I think our economy would crash that much faster. I don’t know why I’m not real savvy on how well it works but I feel wiping out everyone’s debt would cause a world of hurt.

Raist

Like Diehard 3/Live Free Die Hard just no killing, terrorism and all that jazz. Just some honest free thinking hacker that wants to spread good will towards man,

reply to post by Raist


I say let the economy crash if I am debt free with 2 cars and house free and clear.
I could give a fudge about the economy if I already have the "American Dream"

like i said it would be great in theory, but it becomes a faceless crime. You dont think of the victims, you tend to think of the gains. But could this money not be tracked back to a source. Is money only as good as a bank who will honour it. Think if all of a sudden there was a camen island account that went from a $1.25 to lets say 3.2 billion that they might not ask questions. Any bank who did not report such a thing could be sued or loose its assets. One would think logically. It is obvious that the trojan tells the info to go somewhere, could it not be traced back and or another trojan sent along with it to shut down the creators themselves. Use there own tech against them. Lots of theorys. I still like loosing the dept part, damn banks are rich enough as it is. But like it was said it is one thing to steal from a rch man, but the common man who can barely pay his bills, where do we draw that line in the sand. Where is it right and where is it wrong, or do we just have no sympathy for the ones with more wealth than us.

its subjective realy personaly i feel theft is only right if its a absolute matter of survival, then i belive the ends do justify the means such as a man who steals milk to feed his starving baby.

and see thats diehard 4 die hard 3 is diehard with a vengence and had samuel jackson co-starring , what can i say im a bruce willis fan after all my second all time fav movie is hudson hawk. following of course big trouble in little china.

[edit on 1/18/2008 by krill]

Originally posted by SEEWHATUDO
reply to post by Raist

 

I say let the economy crash if I am debt free with 2 cars and house free and clear.
I could give a fudge about the economy if I already have the "American Dream"

Unfortunately that is the bad thing though there has to be some debt or you may not have the house and two cars long. After all you still have to pay taxes on them (at least here there is a yearly tax on all property owned including cars and house).

If debt is completely wiped out jobs will be lost because businesses will not get paid. If the place I work does not get paid I lose my job if that happens I will not be able to keep my house because I cannot pay taxes on it. I will not be able to do this because jobs will be very rare after a economic crash because everyone that is owed money just lost tons of it.

At least this is my feeble understanding of our economy, though I might be wrong. Surely though this is close to how it would affect things.

Raist

I think this is just the beginning of these types of virus's. Right now they mine data, who says soon they might take on your credit info, apply for online credit, get it and send accounts forward. It can be scarey. It is bad enough that certain devices can read all the magnetic strips in your wallet and record them, and you dont even have to open it. Just them walking past you. The criminals are advancing faster than technology can keep up. We depend more and more on computers every day. Did we not learn anything from Katrina, that civilization can fall like that, and no one knows how to survive or behave when the worse happens. What is say they did a fire sale virus attack. Could you survive, can you find clean water, do you have stored food and are able to hunt and farm your own food. Is your house able to funtion with out power from the grid. weather it be heat and or cool for some of you. We are entering deadly times. Kaos is around the corner and non of us are ready for it. These virus's and attacks are what they should be worried about. Not some nut job with a stike of dynamite duck taped to his sorry ass. He may kill 10, 50 people tops. What would a fire sale or a deadly virus do. What if there was a virus that could take down the web itself. We must ask these questions. Are you prepared?

reply to post by krill


AAhhh yes sorry about that, I should have known better since Bruce has been my boyfriend since I was 18 (okay, okay only in my dreams but still ssshhhh! dont tell the hubby)
Love that man bald or touped

Originally posted by kr0n1ck405
It is bad enough that certain devices can read all the magnetic strips in your wallet and record them, and you dont even have to open it. Just them walking past you.

Ummmm This is false. Unless your using rfid credit cards where your at . This is impossible. The card is read by swipe only . You cant just get a card near a reader of any sort and have it read sorry.

Im not even gonna get into the rest of your post . As you must not have much experience in computer security.

see now there we go, you dont explain nothing, as far as my information it was from a security story on a news broadcast about new threats. Most is just theory. But what what bothers you, is any of it possible, or is it just far fetched or are you living in a bubble. We must ask questions to get answers. If we all believed that 911 was a terrorist act, i personally think it was a government coverup. Many dont believe in UFO's, but it would be stupid to say we are the only living thing in the entire universe. So why would a new wave of computer virus's be concerning. They are working on highly advanced AI's, what if one was crossed or put to virus or trojan in a security network. Could we have a HAL like in 2001, maybe or maybe not. But it is possible.

I wondered why I could not log into my Bank account yesterday. I called TD Trust today to yell at them for locking me out..but it was all ok today. Dang it they didn't add a few extra 000's to my account balance.

reply to post by Rhain


that would be nice, kinda like when you check your bank statement and see like 65k deposit and then its taken out very shortly after, always questioned those money transactions, like wtf

That's pretty sweet. I'm too lazy to look into it but it sounds like it just changes your hosts file to resolve hundreds of bank's domain names to the target IP. Changing the nameservers... nice. It's still just another trojan though. Nothing terribly special about it beyond its effect. Hardly "one of the most sophisticated cyber attacks to hit the Internet."

reply to post by apc


it is a genious trojan, but now think if someone crossed it with a ai or took it up a knotch, we could be in some serious crap

Nah the trojan doesn't really do much. The system on the other end that spoofs the bank website is where the action is at. It's not that new. Just takes time.