Sydney-based Woman Lost Money Online to Trojan
As per the news published by TMCnet on November 10, 2008, a Trojan virus infected computer of a lady, Sandra Bridekirk, and transmitted her online bank account password to a Russian server when she visited her bank's website. Later on, the stolen information was used to set up unauthorized withdrawals of money from her bank account.
The victim revealed that the theft came into notice when she found two unauthorized withdrawals of $1,485 each from her bank account held with a reputed bank in the first week of November 2008.
Following the two unauthorized deductions, when she called up at the bank for information, she was informed that the third payment was scheduled that day only. The third payment was stopped and her $3,000 was frozen until police and her bank finish the investigation. It was also found that the payments had been made to an interstate bank account. After careful examination of her computer, it was discovered that her web credentials had been stolen from the system.
Ms. Bridekirk said, the fearsome thing in the payments was the use of her password and personal access number, as reported by AustralianIT.
Commenting on the incident, Andreas Baumhof, Chief Technical Officer of TrustDefender, an online transaction security firm, said, a drive-by download was installed in Ms. Bridekirk's computer on September 2, 2008. It means that a Trojan entered her system without her knowledge while visiting an infected website, as reported by AustralianIT on November 11, 2008.
Mr. Baumhof further said, the Trojan found on her system was Trojan.Spy.Banker.EGJ, which inserts more HTML into the banking web pages to steal credit card details and passwords. He also said that the Trojan was active until September 10, 2008.
Kathryn Kerr, Analysis and Assessments Manager, AusCERT, said, the insertion of HTML feature in a computer is very dangerous because it hides and waits with the list of targeted websites until finds one, as reported by AustralianIT on November 11, 2008.
Security experts have advised computer users to check if their antivirus software includes intrusion prevention capabilities and a firewall.
Related article: Sudden Surge in Malicious E-mail Attachments Raise Brows
» SPAMfighter News - 26-11-2008