Comments on: Fire Alarm Company Burned by e-Banking Fraud

By: Houston Fire Alarm Isntaller

Houston Fire Alarm Isntaller — Wed, 04 Aug 2010 18:31:13 +0000

Oh that is just not quite what I wanted to read. eww.. Sorry man.

By: Sofia Singh

Sofia Singh — Tue, 22 Jun 2010 05:32:44 +0000

Internet money these days is getting larger and larger.~”-

By: TheGeezer

TheGeezer — Sat, 22 May 2010 22:07:29 +0000

And I notice the “Payment Processing Assistant” job is still available and “hot” and has the same minimum requirements…. basically, 18, still breathing and with a bank account. Not much different than those supposedly legitimate money making schemes advertised in the early morning hours on every cable channel.

By: AlphaCentauri

AlphaCentauri — Sat, 22 May 2010 18:17:10 +0000

And here it is a month later, and personalfincomp.com is still in business. And it’s registered by Yahoo, hardly a rogue registrar. So much for these schemes being so blatantly obvious that even the least educated money mule ought to be held responsible for their involvement.

By: BrianKrebs

BrianKrebs — Fri, 30 Apr 2010 19:45:23 +0000

Petey, thanks for your question. Virtual machines are probably better than nothing, but they would almost certainly be susceptible to these sorts of attacks.

Bear in mind that most keystroke loggers hook the keyboard at a fundamental level on the infected PC. Which means in theory that they could just as easily hook the keystrokes on a virtual machine that’s running on top of Windows.

What’s more, most malware includes what’s known as a form grabber, which can theoretically capture credentials sent in any outgoing http or https:// transactions on an infected Windows machine.

By: PeteyB

PeteyB — Fri, 30 Apr 2010 14:28:37 +0000

What Laura is reffering to is monitoring the way your client interacts with your online banking site. ZueS works by knowing the layout of the specific site it is going to attack (form layout, which pages contain which information, etc.) so if your client is jumping between non linked pages, or entering information too fast, or hidden input fields are superfluously added to pages, the bank should be alerted by this suspiscious activity and dissalow the transer.

By: PeteyB

PeteyB — Fri, 30 Apr 2010 14:22:24 +0000

Would a virtual machine used only for online banking still be succeptable to these attacks? I’m just wondering why people always reccomend using seperate “hardened” machine when Virtual Machines are so easy to set up.

By: MessengerBoy

MessengerBoy — Wed, 28 Apr 2010 16:39:53 +0000

Businesses should realize that they are expected to be more sophisticated than consumers. It’s high time they realize that they need to be smarter and stop being naive when it comes to online banking. Perhaps banks should test and certify a potential user before allowing them to conduct online activity. (Yeah, like that’s going to happen.)

By: TheGeezer

TheGeezer — Tue, 27 Apr 2010 14:34:20 +0000

“Anyone for cash?”

I can understand your wanting to just drop online banking altogether.

However, I for one do not want a band of internet sociopaths to destroy the advantages of the internet much like Al-Qaeda has done with the airline industry.

I think this war is winnable and the approach outlined by AlphaCentauri seems to be a very sensible one. Hopefully, Krebs’ reporting on the damage incurred from this criminal activity will catch the attention of someone with enough influence to get something started.

By: Andy

Andy — Tue, 27 Apr 2010 00:11:00 +0000

Perhaps the banks should be getting their security teams together and finding ways that they can beat the bots. After all they are one part of the equation, so they need to be doing something as well. Maybe they are already. Or maybe they can’t be bothered because it is easier to blame the customer and this way it doesn’t affect their profits. Much. Anyone for cash?