[DerbyX]

The end is nigh!

[Elvis]

ziggy ziggy:

Well I'll start to worry when the scotiabank gets hacked.I've never seen one of the big sites where you couldnt find the real url and I dont mean what you see in the adress bar.I know all about keyloggers and that,you linux guys just like to fearmonger the windows guys.

Sure fear-mongering

$1:

Cyber attack hits bank websites
Sophisticated virus can clean out accounts without owners suspecting
Gillian Shaw, Canwest News Service
Published: Thursday, January 17, 2008

In what is being billed as one of the most sophisticated cyber attacks to hit the Internet, a virus has been released that gets between computer users and their banking websites, giving thieves free rein to drain accounts and wreak financial havoc on their victims.

Dubbed the "Silentbanker," the virus is a Trojan horse computer users may unknowingly download by simply browsing the Internet. The first sign it's at work may be a bank notification warning their client has been a victim of fraud.

More than 400 banks - including some in Canada - have been targeted worldwide by the virus, which operates in many languages, said Symantec, a global security company tracking the progress of the Trojan.

"I'd have to say it is one of the most sophisticated we have seen. What makes it more dangerous is it seems to be staffed by professional software developers," said Al Huger, vice-president for security response and security services at Symantec.

"They are writing this and maintaining it just like they would a piece of software you might buy. There is a lot of money on the line for them. It is certainly organized."

Unlike conventional cyber-banking frauds - in which bank clients are steered to a bogus website masquerading as their own institution's online site - Silentbanker uses the genuine bank website and is able to manipulate the user's account without the client's knowledge.

Payments are steered into a hacker's account, or cleaned out altogether, before transactions can be encrypted.

It can also be used to steal credit card information and passwords.

When a banking client signs on to their banking website, the hacker is a silent third party, remaining completely hidden and making no changes at all to the site the banking client is seeing. All the functions, from transferring funds to paying bills or checking credit card balances, remain the same and continue to work, thereby giving the user no cause to suspect they've been compromised.

"What they are doing is they are already on your computer, and when you type on your computer [the hackers] are sitting between your keyboard and the bank," said Huger. "They are intercepting everything you send to your bank and everything your bank sends to you. It is called a man-in-the-middle attack."

Huger said the current attack has been under way for about four days, and while he said Symantec has seen it try to infect thousands of its customers, the company's security software has stymied the attempts.

A Symantec security team member said the virus is not just targeting large American banks, but financial institutions around the world, particularly in Europe.

Computer users who don't have up-to-date anti-virus security software installed, or who haven't updated their web browser to fix flaws that are allowing the Trojan to proliferate, are particularly open to attack.

"[Silentbanker] sits on the website, and unbeknownst to you it downloads to your system," said Huger, who added the hackers behind Silentbanker are probably also trying to send the virus out via e-mail.

Huger said the download could originate from many legitimate websites.

"It is the complete gamut -- from gaming sites to porn sites to home-craft sites," he said. "Whoever is doing this is actually breaking into a lot of legitimate sites and placing it there."

The Bank of Montreal said Wednesday it had not heard of the virus threat, but would be investigating. Calls made to other major Canadian banks were not returned.

WHAT TROJAN.SILENTBANKER IS CAPABLE OF:

- When the virus installs itself, the web addresses for 400 different banks are downloaded to the victim computer.

- When the user tries to visit his/her bank's site, the virus impersonates the real customers by sending the attacker's account details instead.

- It appears to the user to be a normal transaction, but your money is being stolen.

- The virus steals passwords for file transfer tools, e-mail, and storage.

- The addresses of hundreds of other legitimate websites that you might visit are illegitimately placed in your computer.

- Hundreds of pornographic websites may be shown to you (so the attacker can make money from the referrals).

- If you think you have found and removed the virus, it may still be functioning because it has changed your Internet account's domain name server (DNS) settings.

- A user's DNS settings can be changed (to 85.255.116.133 or 85.255.112.87 - although Trojan.Silentbanker is elusive and this information may already be out of date).

- Your computer can be turned into a web server to further enable the virus's illegal activity.

I would rather say "Feeling Lucky Punk?" OR " Let's play Russian roulette with my banking information" OR Even better " all you have to do is make sure your anti virus is up to date and your windows is also updated,if people cant be bothered to do that then they get what they deserve."

[ziggy]

Well thats a trojan so if you get one then obviously your AV is not up to date.
As the article says,it's a man in the middle attack,it doesnt come from the bank.

[Elvis]

Ignorance is bliss

[Public_Domain]

[ziggy]

Elvis Elvis:

Ignorance is bliss

I'm not too worried,not exactly a noob around computers.
When working I must have had 100 different wireless connections around Canada,never had a problem.

Plus I dont hit porn sites.

[ziggy]

DerbyX DerbyX:

The end is nigh!

Bill Gates is behind it!

$1:

It appears that many of the earliest victims of Conficker -- the dreaded computer virus that is supposed to switch into high gear on April Fool's Day -- are computer users with pirated copies of Microsoft Windows operating systems.

And

$1:

"There's many more copies of pirated versions of the Windows operating system and those tend not to be patched as often, and that's where it (Conficker) grabs a foothold."

Users that receive regular updates and security patches from Microsoft should be fine, O'Higgins said.

[poquas]

If your Microsoft operating system is legitimate and up to date. Confiker has already been taken care of.

All of the major vendors Macafee (sp?), Norton and all the others have released free disinfecting software, but apparently if your already infected, you won't be able to access their web sites.

The tech who takes care of my gear was just telling me that Mac is no defence from virus's either. There aren’t many Apple viruses around only because there are so few Apples (about 5 % of all PCs). There was a contest held out here on the coast recently where Apple put up $5000 and a new computer to anyone who could break into their system. It took less than an hour. My Tech was saying that if the guys that write these viruses ever decide to really attack the install base of Apple, there’s nothing to stop them. Everyone thinks that Apple is immune.

[RUEZ]

Elvis Elvis:

all you have to do is make sure your anti virus is up to date and your windows is also updated,if people cant be bothered to do that then they get what they deserve.

Sure that's like saying if you don't lock your doors you deserve to be robbed.

[Elvis]

Ruez I was being sarcastic by quoting ziggy

[RUEZ]

Elvis Elvis:

Ruez I was being sarcastic by quoting ziggy

Ah I see, sorry.

[ziggy]

More like leaving your doors wide open.

[Chumley]

I thought I might have had it today. I came home from work and the internet wasn't working. I called Telus and was given a call back.
While I was on hold I started going through the drills and after rebooting the modem it came back up.
Anyways, just a funny thing, the call back I got was an 866 area code, (I think the phillipines is where they are),I hung up after I got my internet up and when I checked my email, there was a spam email offering high paying jobs with a number to call with an area code of 866
I wonder if the Telus Phillipines operators moonlight .

[mtbr]

Chumley Chumley:

I thought I might have had it today. I came home from work and the internet wasn't working. I called Telus and was given a call back.
While I was on hold I started going through the drills and after rebooting the modem it came back up.
Anyways, just a funny thing, the call back I got was an 866 area code, (I think the phillipines is where they are),I hung up after I got my internet up and when I checked my email, there was a spam email offering high paying jobs with a number to call with an area code of 866
I wonder if the Telus Phillipines operators moonlight .

if it's Telus it's always busted.

[CanadianJeff]

ziggy ziggy:

I love these guy's with mac's that think their invulnerable to a virus.

hahahahahahahaha

Now maybe if some people actually used Mac's their would be a reason to write a virus for one,but they are out there.

Lots of people use Macs. I'd say at least 20% of the laptops out there are mac now and the numbers are growing the past few years. But it is true that people don't tend to make mac viruses yet. I would say in 10 or so years we better watch out though.