EXE.files - ParetoLogic's Newsletter

	Go to ParetoLogic.com »
	Aussie net filters: Protection or censorship? »
	Facebook posts possibly break Canadian law; jeopardize trials »
	Trojan horse galloping away with loot from banking customers »
	VB Conference 2008 »
	SafeSurfer »
	Geek Speak »
	Community Forum »
	Team Player »
	PC Security News »
	Pareto's Perks »
	Internet Security »
	Questions & Answers »
	Download »
	ParetoLogic Blogs »
	Sound Advice »
	All Archived Articles

Do you feel safe online? Keep yourself up-to-date with what is happening in regards to online security with the PC Security News. This monthly publication, delivered by email, is chockfull of interesting news stories, tips for protecting yourself online and product information.
Sign up now for free.

Trojan horse galloping away with loot from banking customers

Banking customers all over the world are experiencing a bit of the plight of the mythical city of Troy.

A Trojan horse is being downloaded by unsuspecting Internet surfers. It doesn't cause any problems until customers head to their bank's website. Then the "Silentbanker" actually places itself between the site and the client. This allows those who are pulling the Silentbanker's strings to take all the cash they want. More than 400 banks worldwide have been targeted by what is being billed as "one of the most sophisticated cyber attacks to hit the Internet," according to a Jan. 17 CanWest News Service story.

"I'd have to say it is one of the most sophisticated we have seen. What makes it more dangerous is it seems to be staffed by professional software developers," said Al Huger, vice-president of security response and services for Symantec, in the CanWest article. "They are writing this and maintaining it just like they would a piece of software you might buy."

When Silentbanker was first reported in December of 2007, Symantec classified it as a "very low" Risk Level 1 threat. It was originally thought that Silentbanker only did key logging, capturing screen images and stealing confidential financial information, according to a Jan. 14 story on SC Magazine online. However, it has been revealed the malicious program allows it to change the user-entered destination for the dough to the attacker's account. As well, if the criminals are missing some information they need, they appear to be able to alter the bank's authorization page to ask the customer for it.

"What they are doing is they are already on your computer, and when you type on your computer, they are sitting between your keyboard and the bank," Huger said. "They are intercepting everything you send to your bank and everything your bank sends to you. It is called a man-in-the-middle attack."

The Trojan horse seems to be downloading onto computers from a variety of websites. "It is the complete gamut - from gaming sites to porn sites to home-craft sites," Huger stated in the CanWest story. The article also states people not using up-to-date anti-virus software or who have not updated their web browsers could be susceptible to Silentbanker.

Back to main Newsletter »

ParetoLogic XOFTspy Portable Anti-Spyware

Each month ParetoLogic features one of its sophisticated powerful software products for you to try and enjoy!

To learn more about this month’s freatured product, click on the buttons below; they will allow you to download the product, explain how to download the product or let you view an informative video about this exciting solution.

XOFTspy Portable

How to Download

Play Video