It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

SCI/TECH: New Trojan Scam Targets Bank Customers

page: 1
0

log in

join
share:

posted on Jun, 29 2004 @ 04:13 PM
link   
The bad guys have created a new method of exploiting the still-unpatched flaws in Microsoft Internet Explorer 6. This sneaky program monitors keystrokes and attempts to steal username and password information when the user on an infected computer accesses online banking or financial accounts.
 


CNet News
Security researchers have discovered a malicious program that installs itself through a pop-up ad and can read keystrokes and steal passwords when victims visit any of nearly 50 targeted banking sites.

Please visit the link provided for the complete story.

The targeted sites include major financial institutions such as Citibank, Barclays and Deutsche Bank, researcher Marcus Sachs said Tuesday. "If (the program) recognizes that you are on one of those sites, it does keystroke logging," said Sachs, director of the Internet Storm Center, a site that monitors network threats. Even though all financial sites use encryption built into the browser to protect log-in data, the Trojan horse program can capture the information before it gets encrypted by the browser software. "The browser does not encrypt data between your keyboard and computer. It's encrypting it (when it goes) out onto the Web."

Internet Explorer Is Just Too Risky
This situation is turning into a public relations nightmare for Microsoft. So far, no software remedies have been offered. Instead, only advice to change the Internet security settings and disable some features in Internet Explorer.

"I hope that Microsoft will come up with a patch soon," said Johannes Ullrich, chief technology officer for the Internet Storm Center, a site that monitors network threats. "Until they do, you basically have two choices: Disable JavaScript in Internet Explorer or install another browser."

More experts are of the opinion that until Microsoft proves it can fix IE's security bugs, you're better off using one of the browser alternatives.

Related News Links
Business Week
Internet Storm Center
SlashDot

Related ATS Discussions
Thousands of sites affected in large scale web attack
Mysterious, large-scale Internet attack against thousands of popular Web sites



E_T

posted on Jun, 30 2004 @ 02:42 AM
link   
Suprise, suprise... another hole in IE.

That's why I recommend using it only for updating Windows, otherwise it's just collection of security holes, but very effective garbage/trash vacuum if you want to fill your PC with malware/spyware.

Using this security hole also negates other security means like firewall.

Also after five years using Opera IE's user interface feels like cruel torture.



 
0

log in

join