- Joined
- Sep 18, 2007
- Messages
- 1,230
January 17, 2008 EDMONTON JOURNAL (FINAL) PAGE: A3 (NEWS)
Computer virus can drain bank accounts
Sophisticated piece of software operates like a `man in the middle` thief
Gillian Shaw, Vancouver Sun; Canwest News Service
VANCOUVER - In what is being billed as one of the most sophisticated cyber attacks to hit the Internet, a virus has been released that gets between computer users and their banking websites, giving thieves free rein to drain accounts and wreak financial havoc on their victims.
Dubbed the "silentbanker," the virus is a Trojan horse that computer users can unknowingly download onto their computers by simply browsing websites. It operates undetected, with the first sign that it is at work the possible notification from a bank that a client has been a victim of fraud.
More than 400 banks -- including some in Canada -- have been targeted worldwide by the virus, which operates across countries and in many languages, according to Symantec, a global security company that has been tracking the progress of the virus.
"I`d have to say it is one of the most sophisticated we have seen. What makes it more dangerous is it seems to be staffed by professional software developers," said Al Huger, vice-president of security response and services for Symantec.
"They are writing this and maintaining it just like they would a piece of software you might buy. There is a lot of money on the line for them. It is certainly organized."
Unlike conventional cyberbanking frauds, where bank clients are steered to a bogus website masquerading as their bank`s online pages, in this scam the hacker uses the genuine bank website and so is able to manipulate the user`s account, steering payments into a hacker`s account or cleaning out the entire bank funds altogether. It can also be used to steal credit card information and passwords.
When a banking client signs onto his or her banking website, the hacker is a silent third party -- occasionally showing a presence by adding a new function button to the site, such as a request for additional security information -- but often remaining completely hidden and making no changes at all to the site the banking client is seeing. loro:#3a423c-->
All the functions, from transferring funds, to paying bills or checking credit card balances, remain the same and they continue to work, thereby giving the user no cause for suspecting the site has been compromised.
"What they are doing is they are already on your computer, and when you type on your computer, they are sitting between your keyboard and the bank," said Huger. "They are intercepting everything you send to your bank and everything your bank sends to you.
"It is called a man-in-the-middle attack."
Huger said the current attack has been underway for about four days, and while he said Symantec has seen it try to infect thousands of its customers, the company`s security software has stymied the attempts.
However, computer users who don`t have up-to-date antivirus security software installed, or who haven`t updated their web browser to fix flaws that are allowing the Trojan to proliferate, are open to attack. "It sits on the website and, unbeknownst to you, it downloads to your system," said Huger, who added that the hackers behind silentbanker are probably also trying to send the virus out via e-mail.
Huger said the download could originate from many legitimate websites.
"It is the complete gamut -- from gaming sites to porn sites to home-craft sites," he said. "This is breaking into a lot of legitimate sites and placing it there."
I received this heads up in my email this morning from the strata president of one of my condos in BC.
Just FYI
Ed R
Computer virus can drain bank accounts
Sophisticated piece of software operates like a `man in the middle` thief
Gillian Shaw, Vancouver Sun; Canwest News Service
VANCOUVER - In what is being billed as one of the most sophisticated cyber attacks to hit the Internet, a virus has been released that gets between computer users and their banking websites, giving thieves free rein to drain accounts and wreak financial havoc on their victims.
Dubbed the "silentbanker," the virus is a Trojan horse that computer users can unknowingly download onto their computers by simply browsing websites. It operates undetected, with the first sign that it is at work the possible notification from a bank that a client has been a victim of fraud.
More than 400 banks -- including some in Canada -- have been targeted worldwide by the virus, which operates across countries and in many languages, according to Symantec, a global security company that has been tracking the progress of the virus.
"I`d have to say it is one of the most sophisticated we have seen. What makes it more dangerous is it seems to be staffed by professional software developers," said Al Huger, vice-president of security response and services for Symantec.
"They are writing this and maintaining it just like they would a piece of software you might buy. There is a lot of money on the line for them. It is certainly organized."
Unlike conventional cyberbanking frauds, where bank clients are steered to a bogus website masquerading as their bank`s online pages, in this scam the hacker uses the genuine bank website and so is able to manipulate the user`s account, steering payments into a hacker`s account or cleaning out the entire bank funds altogether. It can also be used to steal credit card information and passwords.
When a banking client signs onto his or her banking website, the hacker is a silent third party -- occasionally showing a presence by adding a new function button to the site, such as a request for additional security information -- but often remaining completely hidden and making no changes at all to the site the banking client is seeing. loro:#3a423c-->
All the functions, from transferring funds, to paying bills or checking credit card balances, remain the same and they continue to work, thereby giving the user no cause for suspecting the site has been compromised.
"What they are doing is they are already on your computer, and when you type on your computer, they are sitting between your keyboard and the bank," said Huger. "They are intercepting everything you send to your bank and everything your bank sends to you.
"It is called a man-in-the-middle attack."
Huger said the current attack has been underway for about four days, and while he said Symantec has seen it try to infect thousands of its customers, the company`s security software has stymied the attempts.
However, computer users who don`t have up-to-date antivirus security software installed, or who haven`t updated their web browser to fix flaws that are allowing the Trojan to proliferate, are open to attack. "It sits on the website and, unbeknownst to you, it downloads to your system," said Huger, who added that the hackers behind silentbanker are probably also trying to send the virus out via e-mail.
Huger said the download could originate from many legitimate websites.
"It is the complete gamut -- from gaming sites to porn sites to home-craft sites," he said. "This is breaking into a lot of legitimate sites and placing it there."
I received this heads up in my email this morning from the strata president of one of my condos in BC.
Just FYI
Ed R