funsec mailing list archives

Oooh! Scary! (and also wrong ...)


From: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rMslade () shaw ca>
Date: Tue, 29 Jul 2008 11:31:24 -0800

You wanna know why I'm pedantic about malware terminology?

`United Kingdom banks and other financial institutions are being warned to be 
extra vigilant following the release on the internet of a new so-called “PC super 
bug” designed to steal online banking log-on details on an unprecedented scale. 
Cyber criminals have let loose a virus called Limbo 2 Trojan, which, according to 
security experts, is an extremely nasty bug developed specifically to worm its way 
into finance websites in order to cause maximum damage.'  

So far, aside from the rather ill-defined reference to a "PC super bug" I don't have 
all that much of a problem.  A trojan could be designed to "worm" into the system.

"Security firm Prevx said the difference this time is that the new bug has been 
developed specifically to evade the vast majority of anti-virus computer systems. 
Such systems are devised by global IT security firms including McAfee, Symantec, 
and AVG. Finance houses all over the world rely on them to provide adequate 
protection."

Hmmm.  What we have heah, is a failyuh to c'mmunicate that we are trying to 
badmouth our competition.

"It is estimated that a single data breach can cost a big firm more than £3m to 
rectify."  

Ooooh, scary.

"Prevx reported that the Trojan bug features a changeable shell with a pliable 
cloak coming in many guises and variants to try to fool security systems and slip 
past conventional signature-based anti-virus detection."  

Can you say "polymorphic"?  Can you say that we've already dealt with 
polymorphs, as far back as 1987?  Can you say that trojans, because they are 
non-replicative, don't use polymorphism because they don't copy themselves?  (Argh.)

"This involves illegal technology that generates fake information boxes on a 
compromised computer, asking the user to enter more information than usual. 
While this is happening, passwords, credit card information and other personal 
details are transmitted to the malware’s criminal operator to then exploit 
financially."  

Gee, sounds like phishing.

http://business.scotsman.com/bankinginsurance/Banks-warned-of-computer-39super.4328710.jp

Let the reader beware of a) vendor press releases, and b) newspapers that 
uncritically print vendor press releases as news.

======================  (quote inserted randomly by Pegasus Mailer)
rslade () vcn bc ca     slade () victoria tc ca     rslade () computercrime org
             Question Authority - Don't ask why, just DO IT!
victoria.tc.ca/techrev/rms.htm blogs.securiteam.com/index.php/archives/author/p1/

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

