http://www.wired.com/threatlevel/2009/09/rogue-bank-statements/ By Kim Zetter Threat Level Wired.com September 30, 2009 New malware being used by cybercrooks does more than let hackers loot a bank account; it hides evidence of a victim's dwindling balance by rewriting online bank statements on the fly, according to a new report. The sophisticated hack uses a Trojan horse program installed on the victim's machine that alters html coding before it's displayed in the user's browser, to either erase evidence of a money transfer transaction entirely from a bank statement, or alter the amount of money transfers and balances. The ruse buys the crooks time before a victim discovers the fraud, though won't work if a victim uses an uninfected machine to check his or her bank balance. The novel technique was employed in August by a gang who targeted customers of leading German banks and stole Euro 300,000 in three weeks, according to Yuval Ben-Itzhak, chief technology officer of computer security firm Finjan. "The Trojan is hooked into your browser and dynamically modifies the text in the html," Ben-Itzhak says. "It's a very sophisticated technique." [...] ________________________________________ Did a friend send you this? From now on, be the first to find out! Subscribe to InfoSec News http://www.infosecnews.orgReceived on Wed Sep 30 2009 - 01:22:04 PDT
This archive was generated by hypermail 2.2.0 : Wed Sep 30 2009 - 02:09:37 PDT