Undetectable trogan steals your bank details

      Home » Science & Technology » Undetectable trogan steals your bank details

Undetectable trogan steals your bank details

This is a facinating and scary read, and just shows how careful you have to be on the net downloading programs and files.

Businessweek

But the real shock came when Pickett decided to test another bug by infecting his own PC with it. Out slithered a program that promptly installed itself deep inside his computer.

There it became virtually immune to detection from the basic antivirus software that scans for dangerous code. The bug -- known as a "Trojan," which in turn was hidden inside a "rootkit" -- was designed to activate whenever a Web surfer typed in a user name or password for bank accounts or Web sites for dating, social networking, or e-mail.

Pickett went to a bank site and entered fictitious log-in information. Right before his eyes, those data were sent streaming back to Russia, joining the IDs of thousands of real victims. His reaction: "absolute horror."

This nasty bit of code, appropriately named "the Hearse" by Pickett's employer, Sana Security Inc. in San Mateo, Calif., is threatening to raise the stakes in the spy-vs.-spy war over cybercrime.

That's because the average computer security program sifts for known worms and viruses on PCs. But rootkits cloak data-stealing code so that it can hide in the deepest guts of Windows software without showing up in task lists as an active program.

Criminals, having greatly expanded their knowledge of Windows' inner workings, are flocking to this new tool. Russian computer security company Kaspersky Lab estimates that on average 28 new rootkits emerged each month in 2005, up from six per month in 2004.

Sana monitored one of the Russian Web sites for four days in late March. Ironically, it was left open to public view thanks to a security lapse by its unknown operators.

Pickett watched as some 90,000 pieces of personal data from clients of more than 6,500 companies flowed across his screen.

"It's like [Pickett] put on night vision goggles and watched," says John M. Frazzini, CEO of Secure Systems Corp. and former head of the Secret Service's Electronic Crimes Task Force in Washington. The show lasted until a Russian Web host, warned by Sana, took the site down on Mar. 24.
By netchicken: posted on 1-4-2006








Undetectable trogan steals your bank details | [Login ]
Powered by XMB
Privacy Policy