A Cave Monster from Hell Wants Your Financial Data

A novel and pretty sneaky Trojan designed to steal financial data appeared on our radar screen last week. The Trojan, once installed on a victim’s computer, rootkits itself to prevent detection, then watches the victim’s browser for any attempt to connect to the secured, HTTPS login page of several online banks. When the victim visits the login page the Trojan has been waiting for, the Trojan generates a form that “hovers” over the login page asking for additional verification information.

“In order to provide you with extra security, we occasionally need to ask for additional information when you access your accounts online,” reads the popup window. Everybody needs extra security, right?

Of course, the additional information that the bank appears to be asking for is all information the bank already should have if you have an account there: The number on your credit and debit cards; a Social Security number; your date of birth and mother’s maiden name; The PIN code for your debit card and the security code printed on the front of any credit card issued by the bank.

The problem is, the form completely blocks the full page, preventing you from logging in — until you fill in all the fields in the form it displays. Then it sends that information (encrypted with SSL, mind you) to a server at the IP address 121.101.216.234, part of the address space allocated to Beijing Telecom.

Full Article; Webroot

Comments

Post a Comment

Popular posts from this blog

KEPONG Gangster甲洞

Image
“ KEPONG ”, a famous local Chinese gang/gangster neighbourhood, is a story about five young men whom are best friends that join a gangster and then faces the reality of gangster life with financial problem, drugs, power and so on, ending up breaking their friendship and bad consequences. From the left: Rayz, Melvin, Hero, Henley & Billy. Although the theme of the film mainly focus on the story of the gangster, however, it still indirectly convey a positive message to the teenage, to highlight to them not to involve in any such activities which might ruin their bright future. The Kepong movie introduce: Director: Teng Bee Casts: Melvin Sia, Henley Hii, Hero Tai and Aunty Lai Meng Genre: Gangsterism, Teenager Release date: 13 September 2012
Read more

Azusa Aida makes her 13th appearance

Image
So what do you do with 21 girls? Hold a Gravure Idol contest that’s what. At Toshimaen Pool, Sankei Sports and One Eight Promotions held their “Visual Queen Photography event in Toshimaen 2010.” 1200 fans were entertained by the girls in their bikinis and other costumes. Azusa Aida made her 13th appearance at the event. She advertised her new DVD that will be released 8/25 and hopes that many people will purchase it. More photo visit; Tokyohive
Read more

Google plugs 'high risk' Chrome browser holes

Image
Google has shipped another Chrome browser update to fix multiple security security vulnerabilities. Some of these security holes can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, and potentially compromise a user’s system, according to this Secunia advisory.Secunia rates this a “highly critical” update. According to this basic documentation, there are a total of 11 vulnerabilities in this patch batch. Google is withholding details on most of the serious vulnerabilities until the majority of Chrome users are fully patches. Some of the flaws affect Linux users only. Here’s what we know: [48225] [51727] (Medium-risk) Possible autofill / autocomplete profile spamming. [48857] (High-risk) Crash with forms. [50428] (Critical) Browser crash with form autofill. Credit to the Chromium development community. Continue reading
Read more