News Finjan warns over new banking Trojan

http://www.bit-tech.net/news/bits/2009/10/01/finjan-warns-over-new-banking-trojan/1

Security firm Finjan has alerted users to a particularly insidious new Trojan which infects Windows-based systems and steals money from on-line banking systems.

 

I've never wanted it to be April 1st while reading an article as much as I do now.

 

Thank heavens for NoScript.

 

browser and os updates galore again

 

Scary - good thing I have already moved to Linux for my Internet.

 

This one actually sounds nasty: most of them can't really log into the online banking systems AFAIK

 

The scariest thing about this trojan is that it doesn't just sniff your bank login details and then let a user try to log in and pilfer your cash, it lets the user log in and then changes the commands on the fly, in both directions, to allow it to rip you off without you even knowing.

Worst of all, this will completely defeat multi-factor authentication.
Scary stuff!

 

Looks like they forgot to install Microsoft's latest "Security Essentials". rofl.

"This security breach has been brought to you by Microsoft Windows."

 

Scary stuff indeed but I dispute your claim that it will defeat multifactor auth - my bank supplies a little keypad thing that I have to insert my card into. If I want to make a transfer to a new recipient I have to enter the recipient account number, amount and a challenge code, all of which is then hashed together with some unique data from my card to produce an auth code that has to be typed back onto the site in order to make the transfer. It is a crashing bore, but does make me feel a bit more secure after today's news. This trojan can't possibly calculate the requisite authentication code, so can't make silent transfers. Not only that, the authentication code is recipient dependent, so the trojan can't intercept and divert my legit transfers either (the server wouldn't accept the auth code because I would have typed the intended recipeient's bank a/c number into the keypad, but the trojan would be trying to post to a different a/c and the auth wouldn't match).

 

Reading this article, like the replies before me, I know should be worried/paranoid/disguised...but...

I just can't help but be impressed by all this. Exploiting flaws, siphoning small but significant amounts dynamically, modifying the html code so you see nothing out of the ordinary?

Assuming this is actually real and not just some deliberate rumour put out by security firms, then wow. Really makes you wonder about the type of person able to code such a sophisticated trojan.

 

I agree with NuTech, I'm also impressed by the level of sophistication and the amount of work that was put into this thing. The sad part is that if this person were using his skills for good he or she would be able to achieve great things that are actually useful for everybody.

 

*cough* Entrapment *cough* Swordfish *cough*

I'm going to have to agree again with the two people beofre me, what its doing is devilishly ingenious and to be honest quite cool because to do it all on the fly in such a way and no one at either end is none the wiser is clever, very clever in my opinion and it must have taken some serious work to get it to a ready state.

At the same time though it is very scary for the not so tech savy and even the tech savy as they'd know nothing about whats going on until its all over.

 

That's really good to hear Mclean.
Now you mention it, I have a card reader thing I need to use i order to add a new recipient of cash to my online banking.

 

I have nothing more to say ^_^