funsec mailing list archives
Oooh! Scary! (and also wrong ...)
From: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rMslade () shaw ca>
Date: Tue, 29 Jul 2008 11:31:24 -0800
You wanna know why I'm pedantic about malware terminology? `United Kingdom banks and other financial institutions are being warned to be extra vigilant following the release on the internet of a new so-called PC super bug designed to steal online banking log-on details on an unprecedented scale. Cyber criminals have let loose a virus called Limbo 2 Trojan, which, according to security experts, is an extremely nasty bug developed specifically to worm its way into finance websites in order to cause maximum damage.' So far, aside from the rather ill-defined reference to a "PC super bug" I don't have all that much of a problem. A trojan could be designed to "worm" into the system. "Security firm Prevx said the difference this time is that the new bug has been developed specifically to evade the vast majority of anti-virus computer systems. Such systems are devised by global IT security firms including McAfee, Symantec, and AVG. Finance houses all over the world rely on them to provide adequate protection. Hmmm. What we have heah, is a failyuh to c'mmunicate that we are trying to badmouth our competition. "It is estimated that a single data breach can cost a big firm more than £3m to rectify." Ooooh, scary. "Prevx reported that the Trojan bug features a changeable shell with a pliable cloak coming in many guises and variants to try to fool security systems and slip past conventional signature-based anti-virus detection." Can you say "polymorphic"? Can you say that we've already dealt with polymorphs, as far back as 1987? Can you say that trojans, because they are non- replicative, don't use ploymorphism because they don't copy themselves? (Argh.) "This involves illegal technology that generates fake information boxes on a compromised computer, asking the user to enter more information than usual. While this is happening, passwords, credit card information and other personal details are transmitted to the malwares criminal operator to then exploit financially." Gee, sounds like phishing. http://business.scotsman.com/bankinginsurance/Banks-warned-of-computer- 39super.4328710.jp Let the reader beware of a) vendor press releases, and b) newspapers that uncritically print vendor press releases as news. ====================== (quote inserted randomly by Pegasus Mailer) rslade () vcn bc ca slade () victoria tc ca rslade () computercrime org Question Authority - Don't ask why, just DO IT! victoria.tc.ca/techrev/rms.htm blogs.securiteam.com/index.php/archives/author/p1/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Oooh! Scary! (and also wrong ...) Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jul 29)