The Clampi Banking Trojan Targets U.s. Schools

[Peaches]

By Lucian Constantin, Web News Editor

15th of September 2009, 09:46 GMT

The Clampi Banking Trojan Targets U.S. Schools - criminals steal hundreds of thousands of dollars

" U.S. public and private schools alike should be in alert as the cybercriminal gang behind the Clampi Trojan has been targeting such institutions recently and walked away with impressive amounts of money. Security researchers say it is one of the most sophisticated and successful online banking fraud operations.

The complex Clampi trojan is known under several different names, including Ligats, Ilomo or Rscan. Its purpose is to steal online banking credentials from compromised systems; however, the attacks involving it are much more sophisticated and widespread, using fake companies and recruitment websites to hire money mules.

The recent versions of the trojan can propagate across internal Windows networks by using a tool called PsExec and stolen domain administrator credentials. PsExec is a legit utility developed by Microsoft, which is generally used by admins to execute processes on remote computers. The presence of this tool on computers that are not authorized to have it installed should raise red flags and generally points to a Clampi infection.

The Washington Post reports that in addition to the incident at the Western Beaver School District, from where cybercrooks stole a total of $704,610 in 74 fraudulent electronic transfers, several other schools have reported similar attacks. Western Beaver School District was forced to sue their bank in an attempt to recover the money, something which other victims might also end up doing as the law does not hold banks liable for such attacks on business customers."

read story at softpedia - http://news.softpedia.com/news/The-Clampi-...ls-121681.shtml