New bank hack in the UK

Phishing scams, hijacking of TM accounts, keyloggers and all manner of other nasties. This is the place to report them and get help if you've been hit.
Post Reply
User avatar
digidog
Site Admin
Posts: 15014
Joined: Wed May 05, 2004 2:25 am
First Name: Alfie
Location: Otago
Contact:

New bank hack in the UK

Post by digidog » Thu Feb 02, 2012 11:47 pm

Beware if your online bank offers you training in a new "upgraded security system". You may well be the
victim of a man-in-the-middle attack. There are no reports of this hack surfacing in NZ yet but with
phishing and malware being international, it's only a matter of time. And this scam is seriously clever.

http://www.bbc.co.uk/news/technology-16812064" onclick="window.open(this.href);return false;

User avatar
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt
Contact:

Re: New bank hack in the UK

Post by Foggyone » Fri Feb 03, 2012 2:58 am

The Man-in-the-Browser threat was demonstrated by Augusto Paes de Barros in his 2005 presentation about backdoor trends.

While this is not a new threat, it's obviously got the interest of Spencer Kelly. For all that it's timely to be reminded that this type of attack can happen. The attack is known to present fake transaction data to the victim (as noted in the article) which means that as far as the Bank is concerned the transaction was legitimate. This could cause real problems when a victim does find out, and approaches the Bank.

What is not said, though it is implied in the story, is that this malware (trojan) is a Microsoft Windows problem. Most unlikely to affect computers running OSX or Linux.
Google, the answer to so many questions!
-----------------------------------------------------

Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests