Online banking hit by thieves


Recommended Posts

criminals are always looking for ways to get at your money. Because we are in Canada does not mean we are not going to get attacked so please make sure you keep your computers as secure as possible when doing online banking.

February 22, 2011 12:43 PM PST

Online banking hit by thieves

by Elinor Mills

A new Trojan dubbed "OddJob" is stealing people's money by taking over their online banking sessions after they think they've logged off. The Trojan, which targets Windows-based computers, is being used by criminals in Eastern Europe to steal money from accounts in the United States, Poland, and Denmark, & Amit Klein, chief technology officer of Trusteer, writes in a blog post today. Klein said in an e-mail that he could not identify the banks being targeted or provide an estimate on the number of victims.

"It is early days for this malware," he said. "It appears to be a work in progress, so we expect the code to become more sophisticated over time." The Trojan intercepts communications that customers have with banking sites via Internet Explorer or Firefox, stealing or interjecting information and terminating user browser sessions when done, When a bank customer is on the bank site, the Trojan takes advantage of the session IT token to impersonate the customer, riding the coattails of the existing authenticated session. It then bypasses the logout request of the customer so that the session is not actually terminated when the customer thinks he or she is logging out.

To avoid triggering security software, the malware's configuration is not saved to disk, but a fresh copy is fetched from the command and control server each time a new browser session is opened. Web surfers can protect themselves by installing software security updates, refraining from clicking on URLs in e-mail messages, and using software that secures Web access,

http://news.cnet.com/security/

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...