IT security, vunerabilities, bugs, fixes, flaws, RSA conference and Infosec.
A blog from

« August 2010 | Main | October 2010 »

Zeus variant marches into mobile banking

Security vendor F-Secure has come across a fresh variant on the Zeus Trojan that it said could be targeting mobile banking users.

According to a blog post from the firm, the hack seems designed to steal Mtans, which are one time mobile transaction numbers used by banks. The firm warned that the variant could be used to steal these Mtans from a Windows OS based phone using either a Symbian, .sis, or Blackberry, .jad, component  

F-Secure was following up on an earlier security announcement from another set of researchers.

"S21sec, a digital security services company, posted on their blog on Saturday [about the attack]," F-Secure noted.

"The ZeuS variants they've discovered (which we detect as Trojan-Spy:W32/Zbot.PUA and PUB) ask for mobile phone details and then send an SMS with a download link based on the answers given by the victim."

Infecting the user's mobile device in this way means the cyber criminals can intercept any one-time transaction numbers used to authenticate in online banking.

F-Secure said that it was difficult to get a handle on the attack, because the command and control channel used by the Trojan is no longer online.

"This attack is not a one-off by some hobbyist" it warned. "It's been developed by individuals with an excellent understanding of mobile applications and social engineer. We expect that they'll continue its development. [The game of] Cat-and-mouse continues."

September 28, 2010 | | Comments (0)

Young Brits failing on password protection

New AVG research has revealed what many of us have suspected for some time - that when it comes to password protection many users are simply not getting the basics right.

Only half of UK 18-25 year olds password protect their mobile devices while around four out of ten share their passwords with friends and family.

In what may be a quirk of the survey rather than an intrinsic disregard for security measures, 42 per cent of women under 25 share their passwords compared to 28 percent of men.

On the positive side, however, over three quarters of respondents (78 per cent) of respondents said they secure their laptops or PCs with a password.

"Sharing passwords can leave your social networks open to status jacking and leaves your other online accounts, such as banking, vulnerable to attack," said Tony Anscombe, head of free products at AVG.

"You only have to walk away from your mobile for a few minutes for someone to access your email, download your contacts, and to masquerade as you on a social network."

Account hacking on social networks has reached such proportions that Facebook recently announced a security feature which allows users to remotely log out of active sessions on any device.

September 23, 2010 | | Comments (1)

Microsoft confirms Outlook Web Access flaw

Microsoft has confirmed an already publicly disclosed vulnerability in its Outlook Web Access (OWA), that leaves systems open to attack.

The firm said that it had finished an investigation into the issue, which affects its Exchange customers.

"An attacker who successfully exploited this vulnerability could hijack an authenticated OWA session. The attacker could then perform actions on behalf of the authenticated user without the user's knowledge, within the security context of the active OWA session," it said.

The vulnerability is not fussy, and hits supported editions of Microsoft Exchange Server 2003 and Microsoft Exchange Server 2007 - except Microsoft Exchange Server 2007 Service Pack 3.

Less fragile are Microsoft Exchange Server 2000, Microsoft Exchange Server 2007 Service Pack 3, and Microsoft Exchange Server 2010, which are not affected.

Presumably pausing from a web cast in which it was schooling grandmothers in the art of sucking eggs, Microsoft said that customers should upgrade to a non-affected version, or employ a workaround.

Microsoft said that it was unaware of any attacks that looked to exploit the issue, although that was sometime ago.

September 15, 2010 | | Comments (0)

Malicious spam triples in August

Spam levels took another jump last month with the number of unwanted messages bearing malware tripling in volume, according to the latest State of Spam and Phishing report from Symantec.

In a report which will make grim reading for IT security administrators, spam made up 92.51 per cent of all messages in August, compared with 91.89 per cent in July, while .zip attachment spam saw a four-fold increase from the previous month.

The research also noted a wave of .html attachments with malicious JavaScript as the volume of malicious spam more than tripled. There was better news for the EMEA region, however, with the amount of spam originating in the region declining over five percentage points to just 43.17 per cent of all spam.

On the phishing front, emails designed to harvest sensitive information increased by one per cent as the boom in automated toolkits continued to have a significant impact. Phishing web sites created by automated toolkits increased by 92 per cent, the report found.

September 13, 2010 | | Comments (0)

Cybercrime too time consuming to fight

A report [PDF] from Symantec has found that when it comes to cybercrime, many people are just not willing to spend time or effort on fighting back against its perpetrators.

The firm's Cybercrime Report: The Human Impact report surveyed 7,000 online users from around the globe and found that 65 per cent had been affected by cybercrime in some way.

However, it can take an average of 28 days to resolve a cybercrime, and costs around £215 to resolve that crime, meaning many of those that are affected are unwilling to take action.

Some 80 per cent of those surveyed said they didn't believe criminals would be brought to justice while Symantec noted a discrepancy in the number of people saying they have been affected by cybercrime to official data on incidents reported.

Symantec's Adam Palmer, lead cyber security advisor, said those affected were right not to be confident of any legal action being successful.

"Many criminals reside in a foreign country so it's no surprise that people regard them as 'faceless' as they physically are. And, because international cybercrime is hard to uncover and prosecute, people genuinely aren't seeing justice being done," he noted.

Furthermore, many people don't even consider the police their first port of call for such incidents, and instead just deal with the institution which is most directly affected, most often their bank.

Sixty-three per cent of all UK citizens affected by cybercrime ring their bank to report issues, while 61 per cent of US citizens do the same. Those most likely to call on the fuzz are the Swedes (74 per cent) and the Japanese (52 per cent).

The report also touched on the human side of cybercrime finding that, surprisingly, 78 per cent of those affected felt guilty for being a victim. More understandably, perhaps, 58 per cent felt angry, while 29 per cent felt scared after a violation.

However, the report did contain some positives, claiming that 75 per cent of respondents now know not to share passwords with others while 71 per cent never open email attachments from strangers.

Enhanced by Zemanta

September 8, 2010 | | Comments (1)

Site credentials: About | Privacy policy | Terms & conditions | Top of the page
© Incisive Media Investments Limited 2010, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093