Tick-like banking Trojan drills into Firefox, sucks out info

Discussion in 'malware problems & news' started by vasa1, Mar 1, 2012.

Thread Status:
Not open for further replies.
  1. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    http://www.theregister.co.uk/2012/03/01/neloweg_banking_trojan/
     
  2. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,028
    Location:
    Lloegyr
    I'm still glad I don't bank online!
     
  3. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    lol a bit dramatic. It sounds like a fairly typical patching virus.
     
  4. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    Generally speaking, online banking will require a certain amount of competence and nous.
     
  5. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    You can protect yourself from a lot of these (not all, there is a bit of 64bit malware around) by using a 64bit browser, which will be invisible to the 32bit malware.
     
  6. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Why did they single out Firefox though?
     
  7. badkins79

    badkins79 Registered Member

    Joined:
    Dec 23, 2011
    Posts:
    60
    Location:
    Maryland
    What do you mean? 64bit OS's can run 32bit code. A 32bit dll can be loaded into a 64bit exe.
     
  8. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Uh, you sure about that?
     
  9. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    From the article:

    ----
    rich
     
  10. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    OK... drive-by download... An exploit that will result in a drive-by download, perhaps? Prevent the exploit, either by using IE Protected Mode, Google Chrome, a restricted Firefox, etc. Or, just block execution with a default-deny. Is it social engineering? Adobe Flash Player trick? Maybe a Adobe Reader trick? I suppose the answer here is not to fall for it?

    Spam.. same deal. Don't open strange e-mails, default-deny...

    Targeted e-mail... same deal?

    Also, if you're doing home banking, and if you're restricting communications to your bank servers only, then how will the malware connect out? o_O

    Isn't this one more of those another one bites the dust situations? :blink:
     
  11. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    LOL! I had just finished writing a post about that. :D
     
  12. badkins79

    badkins79 Registered Member

    Joined:
    Dec 23, 2011
    Posts:
    60
    Location:
    Maryland
    Yikes, I just looked it up and stand corrected.
     
  13. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,028
    Location:
    Lloegyr
    Yeah, like Waterfox or IE 9! ;)
     
Loading...
Thread Status:
Not open for further replies.