Malware records banking passwords

Wednesday, 30 June 2004 16:22 EST

A program installed via a pop-up ad stores keystrokes when victims visit banking sites, researchers have warned. A malicious program that installs itself through a pop-up can read keystrokes and steal passwords when victims visit any of nearly 50 targeted banking sites, security researchers warned on Tuesday. The targeted sites include major financial institutions, such as Citibank, Barclays Bank and Deutsche Bank, researcher Marcus Sachs said on Tuesday.

"If (the program) recognises that you are on one of those sites, it does keystroke logging," said Sachs, director of the Internet Storm Centre, a site that monitors network threats. Even though all financial sites use encryption built into the browser to protect log-in data, the Trojan horse program can capture the information before it gets encrypted by the browser software. "The browser does not encrypt data between your keyboard and computer. It's encrypting it (when it goes) out onto the Web."

Read Full Story

News

IM Threat Watch for June 2006
Jun 28, 2006, 14:58 EST

Backdoor Trojan Unleashes Dual-Media Attack
Jun 28, 2006, 10:58 EST

Firefox AJAX Security Risk
Jun 28, 2006, 06:34 EST

Data Security Grabs Attention of Lawmakers
Jun 28, 2006, 06:33 EST

Identity Theft at Work
Jun 28, 2006, 06:31 EST

Security software slaps IE in Sandbox
Jun 28, 2006, 06:26 EST

SPI simulates hackers' brains
Jun 27, 2006, 13:36 EST

Sponsors:
Is your network open to attack? Find out with the #1 sold network security scanner: GFI LANguard Network Security Scanner! Download your FREE trial version today.	Check your website security with a FREE website security audit by Acunetix. Audit your web applications for SQL injection, cross site scripting & more with Acunetix Web Vulnerability Scanner	Software security section is sponsored by GFI, a leading developer ofnetwork security, content security and messaging software - Free trial!


Copyright ? IT-Observer.com 2000 - 2006	Privacy Policy \| RSS Feeds