Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

Internet threat: Hackers swarm bank accounts

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread
This topic is archived.
Home » Discuss » Archives » General Discussion (1/22-2007 thru 12/14/2010) Donate to DU
 
EV_Ares Donating Member (1000+ posts) Send PM | Profile | Ignore Mon Feb-23-09 06:47 PM
Original message
Internet threat: Hackers swarm bank accounts
New and nasty banking trojans are on the rise on the Internet and attacking online bank accounts.
The new trojan programs — which wait on your hard drive for an opportunity to crack your online banking account — are different from traditional "phishing" e-mail scams that try to trick you into typing your login information at fake bank websites.


BLOG: How to keep your account safe

They're invisible, can steal data multiple ways and require no action by the victim to be launched.

"Phishing doesn't work as well as it used to," says Patrik Runald, security specialist at F-Secure, the Internet security firm. "Banking trojans provide a very effective and direct means for the bad guys to get their hands on the money."

FIND MORE STORIES IN: Internet | Bankers Association | F-Secure | Gunter Ollmann | Patrik Runald | IBM Internet Security Systems
Banking trojans can be gotten by clicking on a viral link to a greeting card or video that arrives in e-mail spam. Or, they can be picked up by clicking to a Web page that's been corrupted by hackers.

F-Secure tallied 59,177 unique banking trojans circulating on the Internet in 2008, up from 15,969 in 2007. The escalation partly underscores how intensively criminal hackers churn out new variants to escape detection by antivirus programs.

Banking trojans "are more advanced and evolving faster than antivirus solutions," says Gunter Ollmann at IBM Internet Security Systems.

The American Bankers Association acknowledges the rise. Doug Johnson, vice president of risk management policy, notes that most U.S. banks try to make certain that online customers log in from their usual computer.

Losses caused from unauthorized transactions aren't known. Banks generally don't disclose them.

A typical banking trojan remains dormant until the customer logs on to a banking website. It then steals usernames and passwords by capturing keystrokes or copying the log-on page after the victim has filled it out.

So-called man-in-the-middle trojans go further. One type makes illicit cash transfers while the victim is legitimately logged on. Another can reproduce a copy of the Web page showing account balances — except with the balances altered to show the numbers the victim expects to see. This buys time for the thief to drain the account and hide his trail, Ollmann says.

Despite the trojans, Johnson of the bankers' association insists "online banking, on balance, is safe."

Link: http://www.usatoday.com/money/industries/banking/2009-02-22-bank-accounts-hackers_N.htm
Printer Friendly | Permalink |  | Top
cliffordu Donating Member (1000+ posts) Send PM | Profile | Ignore Mon Feb-23-09 06:49 PM
Response to Original message
1. I was wondering if THIS is why the banks were given brazillians in bailout money
Edited on Mon Feb-23-09 07:41 PM by cliffordu
with no paper trail

It could be considered an act of war.
Printer Friendly | Permalink |  | Top
 
DJ13 Donating Member (1000+ posts) Send PM | Profile | Ignore Mon Feb-23-09 06:51 PM
Response to Original message
2. This is why my wife and I refuse to do our banking online
Saw this coming 10 years ago.
Printer Friendly | Permalink |  | Top
 
CoffeeCat Donating Member (1000+ posts) Send PM | Profile | Ignore Mon Feb-23-09 06:52 PM
Response to Original message
3. This sounds made up!
What is this...one more way of explaining why more of our money is going to be lost?

Printer Friendly | Permalink |  | Top
 
Greyhound Donating Member (1000+ posts) Send PM | Profile | Ignore Mon Feb-23-09 06:58 PM
Response to Original message
4. This is only the consumer end, the pros have been in the bank's systems since at
least the early 90s.

I was part of a consulting team that was hired by BofA 17 years ago to secure their systems. We did our jobs, gave them the bad news that their systems basically had no security, gave them several options for securing their systems, and were told that our services were no longer required. It was determined by the MBAs that the expense of securing was not justified since the money stolen was covered by the taxpayers but the expense of securing would cost them.

I can only assume that it has only gotten worse since then.


Printer Friendly | Permalink |  | Top
 
DU AdBot (1000+ posts) Click to send private message to this author Click to view 
this author's profile Click to add 
this author to your buddy list Click to add 
this author to your Ignore list Thu Dec 26th 2024, 03:10 PM
Response to Original message
Advertisements [?]
 Top

Home » Discuss » Archives » General Discussion (1/22-2007 thru 12/14/2010) Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators


Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC