New 'Trojan horse' opens your bank account to crooks

[JayKim]

Anyone see this article today? Scary what they come up with.





Gangster's ATM: New 'Trojan horse' opens your bank account to crooks

Sam Gustin
Sep 30th 2009 at 12:30PM
Text SizeAAA
http://www.addthis.com/bookmark.php...nk account to crooks -- DailyFinance&content= http://www.addthis.com/bookmark.php...nk account to crooks -- DailyFinance&content= http://www.addthis.com/bookmark.php...nk account to crooks -- DailyFinance&content= http://www.addthis.com/bookmark.php...nk account to crooks -- DailyFinance&content= More

Call it an ATM for cyber-crooks -- and the cash could come out of your account.

Web security sleuths have found a new type of "Trojan horse" that steals your bank log-in name and password, then proceeds to drain money from your account -- while you're logged in.
The new Trojan, called URLZone, features a number of innovations not widely seen in Internet crime. For example, the Trojan can estimate precisely how much money to steal based on how much dough you have in your account, and can even siphon money in small increments to evade detection.
"It's a next generation bank Trojan," Yuval Ben-Itzhak, chief technology officer at Finjan, a cyber-security firm, told CNET News.com. "This is part of a new trend of more sophisticated Trojans designed to evade antifraud systems."

A Trojan horse is a type of malware -- or malevolent software -- that allows criminals unauthorized access to the user's computer system. Details of URLZone appear in a new report by Finjan's Malicious Code Research Center.
URLZone takes advantage of vulnerabilities in web browsers, including Firefox and Internet Explorer, then executes a program on Windows systems -- which means if you're running a Mac, you're safe. For now.

"As we covered in previous reports, cybercrime pays," Finjan researchers wrote in the report. "Financial data remain the prime target. Cybergangs and their methods keep on refining their attacks to generate as much income as possible, while avoiding detection."

During 22 days in mid-August, the cyber-crooks operating URLZone stole nearly $438,000, according to the security company. The bad guys infected about 6,400 computer users, according to PC World, and stole an average of $1,750 per day.

The criminals were able to infect about 7.5 percent of the 90,000 computers they attacked before Finjan managed to infiltrate the hackers' command-and-control server located in Ukraine, according to PC World. Once your computer becomes infected, URLZone steals your bank account info before contacting the command server, which then instructs your own computer how much money to wire, in what increments, and where to send the stolen virtual stacks.

Ominously, URLZone is even more sophisticated than its predecessor Trojans, which already have the ability to take over your computer, steal your personal data, and even remotely command your computer to help the hackers steal.

URLZone allows internet thieves to evade common bank fraud detection systems. For example, the bad guys can ensure your balance never falls below zero, as well as make a series of small withdrawals in an effort to evade detection. They can also make phony data appear on your account home page.

"Basically they say, 'I will steal from you €5,000, but I want to make sure at least 5 percent will remain in your balance,'" Ben-Itzhak told PC World.

"Online bank users should be alert, and make sure that their web security is updated," Finjan concluded in its report, which is well worth reading. "For banks and financial institutions, their best defense is a unified web security solution with real-time content inspection."




Gangster's ATM: New 'Trojan horse' opens your bank account to crooks -- DailyFinance

 

Dislike ads? Become a Fastlane member: Subscribe today and surround yourself with winners and millionaire mentors, not those broke friends who only want to drink beer and play video games. :-)

[Icy]

Jupitvmz, vji vsukep justi heopoph edditt otp'v vji tdesz qesv ev emm. Vjot jet ciip esuapf gus e xjomi. Vji vsai tohpogodepv qesv ot vjev ov, up vji gmz, ifovt vji jvnm cigusi fotqmezoph ov op vji csuxtis vu tjux e gemti cemepdi. Vjot emmuxt vji dsievust, us epzupi ev vji dipvis vu veli nupiz epf ov velit e MUV muphis vu devdj up vu vjot.

Jupitvmz, O vjopl ov't wisz duum (op e xez). O xuamf muwi og qiuqmi xuamf katv fu vjot vu qsuwi vu vjintimwit\uvjist vjev ov't quttocmi epf miewi ov ev vjev. Puv fu ov epf ati ov vu "jesn" uvjist. Vjip eheop vjuahj, O'n raovi vji pisfz qistup tu nutv vidjpumuhodem vjopht esi exituni sihesfmitt ug jux ietomz vjev dep deati qsucmint

 

[JayKim]

Jupitvmz, vji vsukep justi heopoph edditt otp'v vji tdesz qesv ev emm. Vjot jet ciip esuapf gus e xjomi. Vji vsai tohpogodepv qesv ot vjev ov, up vji gmz, ifovt vji jvnm cigusi fotqmezoph ov op vji csuxtis vu tjux e gemti cemepdi. Vjot emmuxt vji dsievust, us epzupi ev vji dipvis vu veli nupiz epf ov velit e MUV muphis vu devdj up vu vjot.

Jupitvmz, O vjopl ov't wisz duum (op e xez). O xuamf muwi og qiuqmi xuamf katv fu vjot vu qsuwi vu vjintimwituvjist vjev ov't quttocmi epf miewi ov ev vjev. Puv fu ov epf ati ov vu "jesn" uvjist. Vjip eheop vjuahj, O'n raovi vji pisfz qistup tu nutv vidjpumuhodem vjopht esi exituni sihesfmitt ug jux ietomz vjev dep deati qsucmint

Xjev fu zua ati gus wosat qsuvidvoup, ot vjisi e motv gus vjopht vjev iwisz dunqavis tjuamf jewi? Nezci O tjuamf neli e pix qutv gus vjot cav O jewi vjiti up nz mecvuq epf ov jet piwis jef e qsucmin emtu emm gsii vu fm. O jewi xopfuxt yq

Ewose EpvoWosat Qistupem
jvvq://xxx.gomijoqqu.dun/fuxpmuef_epvowos/

Ef-Exesi tqzxesi sinuwis
jvvq://xxx.gomijoqqu.dun/fuxpmuef_ef-exesi/

Tqzxesi Cmetvis
jvvq://xxx.gomijoqqu.dun/fuxpmuef_tqzxesicmetvis/

DDmiepis
jvvq://xxx.gomijoqqu.dun/fuxpmuef_ddmiepis/

Fotl Figsehhis
jvvq://xxx.gomijoqqu.dun/fuxpmuef_figsehhmis/

mpvispiv Tiswodi Qsuwofis Nubomme Gosiguy
jvvq://xxx.gomijoqqu.dun/fuxpmuef_gosiguy/

Gosixemm 3.0.25.378
Dunufu Gosixemm
jvvq://xxx.gomijoqqu.dun/fuxpmuef_dunufu/