Bogus News Site Spreads Trojan
A new security threat has targeted Australian banking customers. It is an online news piece that says that local banks would be closed for a week. The news story comes in an e-mail that apparently connects to News Ltd.'s 'news.com.au' site. When a user goes to the spoof website, a malicious Trojan gets downloaded.
The subject title of the e-mail is "News Limited Important Information". The body message reads, "All Australian banks will be closed this week." It distinctly names Commonwealth Bank, ANZ Bank, and West Pack (sic) Bank. The message also carries a fake company logo. The mail content requests readers to gain more information through a link that actually joins to a spoof news website.
As per security company Sophos, the scam is different from the conventional phishing e-mails. It does not ask the reader to update his/ her banking details and then lure to a fake website, instead the e-mail urges the reverse: It urges the clients of Australian banks not to update or confirm their account information
E-mail recipients who out of curiosity click the web link will open a bogus 'news' site, which seeks to infect the operating system with some phisher's 'Trojan'.
The flaw works viciously only if the customer's computer is hacked by a keylogger. When the web page is accessed using the Internet Explorer, the Trojan is activated and it runs a concealed script that downloads a malicious spyware application named Troj/Banker-DLD. The program steals information and records keystrokes. With this it captures the username and password to transfer it to the invisible attacker.
It is clear that all four of Australia's big banks have a serious security flaw in their online banking service. But the banks lay the responsibility on their customers to guard their own systems. They stressed that customers should have updated anti-virus and anti-spyware software to secure their systems against keylogger's infection.
The truth is that as long as money can be made vulnerabilities of online banks will be sought and exploited. By using a two-factor authentication in online banking system, some of such attacks can be reduced, and security expectation of clients ensured.
Related article: Bugs Swell In Browsers in 2006
» SPAMfighter News - 20-09-2006