http://news.zdnet.com/2100-1009_22-6053849.html?tag=zdfd.newsfeed

Two Trojan horses with distinctive traits have been flagged by security researchers: one that hijacks one-time-use passwords, and another that hides behind a rootkit. ...

...The attackers attempt to place the Trojan on a computer using an exploit for the Windows Meta File flaw in Microsoft's Internet Explorer, according to a Symantec advisory. The potential victim must visit a malicious Web site to infect their system, and attackers may use e-mails to direct them there. A keylogger, which surreptitiously records the user's keystrokes, is installed on the computer alongside the Trojan. ...

Note the culprit once again ... IE !

http://news.zdnet.com/2100-1009_22-6053849.html?tag=zdfd.newsfeed
Two Trojan horses with distinctive traits have been flagged by security researchers: one that hijacks one-time-use passwords, and another that hides behind a rootkit. ...


Ok, time and time again we hear about keyloggers, & other kinds of spyware,
but I do not know one single person who has had their bank account or
any account broken into. I'm sure it does happen, but how can it be explained
that many of here in this forum come in contact with so many other people
who have had spyware infested computers, but yet, none of them had
their identity stolen or any accounts broken into. Someone please explain
to me how this can be.

---pete---

The "majority" of this happens in store computers, not personal machines.
Many of the recent attacks have been on credit/banking systems used routinely for purchases where the software was unknowingly maintaining databases of info that should not have been retained. The bad guys got in and stripped out data on thousands of users which was then used to create phony credit cards. Look at the recent Office Max debacle. How about the Best Buy rip off where the bad guys were sitting in a car in the parking lot with a wireless laptop reading the cash register transactions to the store computer?

Plastic is a way of life! How many people do you know or see who "swipe" their morning coffee purchase at Wawa or 7-11? How secure are those systems?
See the satellite dish on top of your gas station?
Your gas purchase is going out via radio signal from it!

One of your biggest risks is in your wallet, not your computer!
Never let the plastic leave your hand!
Pocket sized magnetic card readers are now a 'method of choice" for stealing credit/debit card and pin numbers.
Hand your plastic to the waiter in a restaurant and before he completes the transaction at the back register, he swipes it through the reader in his pants pocket. Just hours later, charges on your account start showing up in Singapore or eastern Europe. He knocks off a $10 tip for every card he swipes! The Russian mob is big on this in NY!

Although it happens, home computers are not a great target as they only contain singular information, one person, one account. Many phishing scams may try to lure you into divuldging your account info but scanning from bot nets does happen.
Just bear in mind that threat levels of malware today is financial, not malicious stuff to crap your system like it was in the past. It is highly sophisticated. It is highly stealthy. It is under the control of organized crime groups who can afford the best equipment and programmers. It is highly profitable and will only increase in severity. Money is driving this like a wild fire!

What the banks and credit card companies kept under wraps for years as hush hush is now coming to light as a major problem with BILLIONS being stolen all the time.
They got away with lax security for years by covering the losses with "service charges" that each of us pay to use the service. The problem has gotten so big and so complicated, they can no longer hide it or afford not to deal with it.

OMG! people may go back to using CASH....

The "majority" of this happens in store computers, not personal machines.


Nice post Doug, and thank you for the insights.
I guess you don't personally know anyone either, who got their
identity stolen or accounts broken into as a result of spyware.

---pete---

***CLOSED***

The topic in this thread has reached an end of discussion point where no relevant new discussion is being added.

Please refrain from any additional posting on this topic unless there is an UPDATE or new information relevant to the original topic.

This thread has been condensed for ARCHIVING and REFERENCE purposes.

Additional postings may be removed without notice.

Thank you!
KH Mod Squad