Certified online banking trojan in the wild

Discussion in 'other security issues & news' started by ronjor, Feb 22, 2013.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,727
    Location:
    Texas
  2. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    3,731
    Location:
    New York City
  3. emmjay

    emmjay Registered Member

    Joined:
    Jan 26, 2010
    Posts:
    880
    Location:
    Triassic
    Did Trusteer Rapport flag it, quarantine it, or miss it? Just French banks! Odd.
     
  4. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
  5. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,727
    Location:
    Texas
  6. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,948
    Location:
    USA
    Time to stop allowing digital signatures with Online Armor unless trusted by Emsisoft.
     
  7. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses

    Thanks.... I used these links and found the cache of certificates on my PC.

    Many are expired, it says I can request "new" ones but that box is forever grayed out. Why? Is there a service that I need to turn on?

    There are 100s of these on my box!

    Why not just remove the old certificates? When you click that it says WARNING Windows may not function.

    Seems there is a need for a certificate management system that has a valid certificate! :D
     
  8. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    I have at times thought that might be helpful, particularly if it worked not only with the Windows' certificate stores but also Firefox's and perhaps others. Several specific things I thought might be useful:

    - Mass export/import
    - The ability to easily snapshot things, and compare differences between snapshots.
    - If possible, the ability to display when each cert was added to the local store
    - A scan for potential problems feature, which could look for expired certificates, look for certificates that are not on Microsoft's or Mozilla's root certificate list, verify all certificates, compare the certs you have to those in one or more repositories, scan the software you have on your machine to identify certs it would need, etc.
    - Friendlier/wider/fewer click interface to reviewing certificates

    Anyone know of something that comes close to that?
     
  9. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses

    Hi Wind...

    Thanks for your support on this idea! The whole world of security seems at stake here or am I o_O

    One thing we could do is ask M$ :eek: :eek:
     
  10. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    FWIW, I poked around a little bit. I saw some enterprise tools for checking, managing, etc. certificates but didn't dig into them. Looks like Mozilla has a cmdline tool for working with certs. Microsoft has one too and you can also get at them programmatically. So with a little elbow grease I think one could roll their own tool to help work with certificates, check across multiple machines, etc. I saw various examples, particularly PowerShell scripts.
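
Added example, not part of any post in this thread and not taken from any tool mentioned in it: a PowerShell sketch of the "snapshot and compare" and "scan for expired certificates" ideas discussed above, covering the Windows certificate stores only. The snapshot folder and the `Get-CertInventory` function name are assumptions made for this illustration.

```powershell
# Read-only inventory of the Windows certificate stores (example code).
# It reads the Cert: drive and writes CSV snapshots; no store is modified.
param(
    # Assumed snapshot folder; change to suit.
    [string]$SnapshotDir = "$env:USERPROFILE\cert-snapshots"
)

function Get-CertInventory {
    # Walk every store under CurrentUser and LocalMachine, keep only certificates.
    Get-ChildItem -Path Cert:\ -Recurse -ErrorAction SilentlyContinue |
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509Certificate2] } |
        ForEach-Object {
            [pscustomobject]@{
                Store      = ($_.PSParentPath -replace '^.*::', '')  # e.g. LocalMachine\Root
                Thumbprint = $_.Thumbprint
                Subject    = $_.Subject
                Issuer     = $_.Issuer
                NotAfter   = $_.NotAfter.ToString('yyyy-MM-dd')
                Expired    = ($_.NotAfter -lt (Get-Date))
            }
        }
}

New-Item -ItemType Directory -Path $SnapshotDir -Force | Out-Null
$current = @(Get-CertInventory)

# Find the most recent earlier snapshot before writing the new one.
$previousFile = Get-ChildItem -Path $SnapshotDir -Filter 'certs-*.csv' |
    Sort-Object Name | Select-Object -Last 1

$stamp = Get-Date -Format 'yyyyMMdd-HHmmss'
$current | Export-Csv -Path (Join-Path $SnapshotDir "certs-$stamp.csv") -NoTypeInformation

# Report expired certificates per store.
"{0} certificates, {1} expired" -f $current.Count, @($current | Where-Object Expired).Count
$current | Where-Object Expired | Sort-Object Store, NotAfter |
    Format-Table Store, NotAfter, Subject -AutoSize

if ($previousFile -and $current.Count) {
    $previous = @(Import-Csv -Path $previousFile.FullName)
    # SideIndicator '=>' = added since the last snapshot, '<=' = removed since then.
    Compare-Object -ReferenceObject $previous -DifferenceObject $current -Property Store, Thumbprint -PassThru |
        Select-Object SideIndicator, Store, Thumbprint, Subject |
        Format-Table -AutoSize
}
```

Rows marked `=>` under `LocalMachine\Root` or `CurrentUser\Root` are the ones worth reviewing first, since a newly added root is trusted for everything it signs.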
     
  11. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    That's interesting. But I have no skills to build my own tool.

    Would prefer the heavy weight guys with 5000+ posts to tell us which certificate management tool(s) are reliable.

    I could take a radical position and take a full image of the PC and make sure I can restore from it.

    THEN delete ALL certificates from the cache and see if I can run and slowly build a current safe set.

    I suspect I won't be able to even boot if I do this.:doubt:
     