waldwolf Posted February 15, 2008 Share Posted February 15, 2008 Members doing online banking should be aware that a new, very sophisticated Trojan entitled "SilentBanker" has recently been identified. The Trojan, targeting over 400 banks worldwide, can intercept transactions that require two-factor authentication. It can then silently change the user-entered destination bank account details to the attacker's account details instead. The Trojan intercepts all of this traffic before it is encrypted, so even if the transaction takes place over SSL, the attack is still valid. When instructed, the Trojan can also redirect users to an attacker-controlled server instead of the real bank in order to perform a classic "man-in-the-middle" attack. The Trojan can also download updates, which it does, regularly. More information: Symantec - "Banking in Silence" waldwolf Link to comment Share on other sites More sharing options...
nikster Posted February 15, 2008 Share Posted February 15, 2008 Thx for the info, very interesting. I always thought this was possible, just didn't think it would be so soon. Two factor authentication my @ss, this gets around everything currently available. In real time. Link to comment Share on other sites More sharing options...
johnh101 Posted February 16, 2008 Share Posted February 16, 2008 This is scary. I remember reading a few years ago, an article that police had discovered that the Russian Mafia were recruiting computer geeks to create the ultimate virus which would redirect online banking transactions to their accounts. Looks like they made it ! Link to comment Share on other sites More sharing options...
rak sa_ngop Posted February 16, 2008 Share Posted February 16, 2008 This is scary. I remember reading a few years ago, an article that police had discovered that the Russian Mafia were recruiting computer geeks to create the ultimate virus which would redirect online banking transactions to their accounts.Looks like they made it ! I thought that was "Die Hard 4" Link to comment Share on other sites More sharing options...
Richard-BKK Posted February 16, 2008 Share Posted February 16, 2008 Anybody serious about internet banking would say, no problem as he is using Linux as operating system... Link to comment Share on other sites More sharing options...
RKASA Posted February 16, 2008 Share Posted February 16, 2008 I not only use linux, I keep my bank account empty. Its fool proof. Link to comment Share on other sites More sharing options...
Crossy Posted February 16, 2008 Share Posted February 16, 2008 I not only use linux, I keep my bank account empty. Its fool proof. I don't use Linux, but my wife keeps my account empty, is this sufficient security?? I'm assuming that the new "calculator thingy" being introduced by Nationwide will prevent this type of fraudulent access as the code produced is different every time. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now