If someone enters a bank and hand the teller a note, demanding money, it is on the evening news. If someone does the same thing in five banks, it hits the national news. If someone does it to 400 banks online NOT A WORD. This is not a hypothesis it is a fact.
The cyber weapon used in the 400 bank robberies is called SilentBanker. Security professionals are concerned over the discovery of a banking Trojan which steals user data that impact more than 400 banks worldwide. The information that SilentBanker collects gives it the ability to reroute money to another account owned by the attackers or who they represent. This is done without the user’s knowledge until he receives his bank statement.
Trojan: (short for Trojan Horse) is a piece of malicious software which appears to perform a certain action but in fact performs another. In addition, trojan horses are notorious for installing backdoor programs.
This appears to be just the beginning of the attack. The Trojan first appeared in December 2007 and continues to spread around the world. SilentBanker is more powerful that originally thought. The malicious code is so smart that if it is missing information needed to complete the transaction, the trojan enables the attackers to add extra code to the authorization page asking the user for that missing data. The rapid increase in sophistication and complexity of the latest cyber attack tools is a clear trend that is challenging the cyber security industry to stay ahead of the criminals and terrorists.
No one knows who is collecting the money, nor how they intend to use it. Could it be for drugs, terrorist attacks, purchasing of weapons or just very sophisticated bank robbers? One thing is for sure, this is just another example of our vulnerability.
PROTECTION: Make sure your anti-virus software is updated and operational. Vigilance is also a powerful defense. Check your bank statements and balances regularly and report any suspicious activity to your bank immediately.
Please send your articles through an editor, the errors are painful to read.
Damn. I thought you only became a pro-level blogger if you could write in something close to the language of the blog. I waz rong.
I run regularly a virus check on mu computer. Almost every time, it shows a Trojan Horse. After investigating it, it seems like I get it from the net while I am surfing. Very good idea to run virus check.
An SSH connection to the bank will do nothing really, neither will PGP authentication since the the Trojan has infected the system itself and was able to pick up the password when you typed it in. The virus could easily be adapted to pick up the SSH password. Nevertheless, what in the world will the user do once they SSHed into one of the bank’s machines? Run some scripts? Sure.…
All I can really say is, if you’re using Windows, make sure that you never come close the Internet Explorer, use Firefox or Opera. That, and an updated anti-virus is your main line of defense. Also, take a look at Spybot Search and Destroy to clean your spyware on a regular basis.
But honestly, sucks to be you if you’re using Windows. If you really want security, choose a Mac or an Ubuntu Linux loaded Dell or HP for your next computer purchase. Both Linux and Mac are easy to use if you take just _a little bit_ of time to learn them, the former is getting easier with every release and the latter is already high quality and very easy to use.
You should probably mention that Symantec rates this as a Low threat level, and lists the number of known infections at “0–49″…
http://www.symantec.com/security_response/writeup.jsp?docid=2007–121718-1009–99
bewitching the strategy has the same impact to determine where those saboteurs of projects and thieves even hackers are.