New IE Malware Captures Passwords Ahead Of SSL
Ken Treis writes "SANS Internet Storm Center is reporting on a new strain of IE Malware. This one targets bank customers, which in itself is nothing new. But the catch is in the way it does it: it installs a Browser Help Object (BHO) that can capture login information before it is encrypted, and 'watches for HTTPS (secure) access to URLs of several dozen banking and financial sites in multiple countries.'."
Cue the "Gee I'm glad I use FireFox on Linux" posts.
"They redundantly repeated themselves over and over again incessantly without end ad infinitum" -- ibid.
Is why I transmit all of my passwords in plain text... not very secure, but a lot less obvious then all of these complicated 'security' or 'encryption' methods.
Help Brendan pay off his student loans
This is why I do all my online banking using Gopher.
What's a browser? Is that like Internet Explorer? But why do I need another one when I already have Internet Explorer? Don't I have to use Internet Explorer to connect to the internet?
By reading this you acknowledge that you have read it.
From the article:
It is actually a 27648 byte Win32 executable that has been compressed using the Open Source executable compressor UPX.
Cue the FUD saying "look I told you Open Source was inherently less secure!"
Download my free songs!
"Why would you fsck with SSL..."
Because there are no files to check, just packets?
"Derp de derp."
(Score: -1, Redundant)
sulli
RTFJ.
When will us Linux users finally get to experience all of these exploits and viruses? It looks like Windows users have all the fun. :-)
Unfortunatly this describes 90% of people out there. The only way I can think of to overcome that kind of pervasive ignorace is a public service campaign like the anti-drug campaigns.
[joke]
"This is your computer.. this is your computer on Internet Explorer"
-or-
"Friends don't let Friends use Internet Explorer"
-or-
"Just say No to Internet Explorer"
[/joke]
Seriously, there needs to be a TV campaign or even public service banners on high traffic sites like google or CNN.
a) Threaten to never support her computer again
b) Hide the IE shortcuts
c) Change the IE homepage to say, in big letters, "YOU'RE NOT SUPPOSED TO BE USING THIS NOW GET OUT AND START FIREFOX"
d) If you have Zonealarm on her computer, set it so IE has no Internet access
e) Use IE's Content Advisor to block all Web sites
f) I could go on and on
I really must stop watching Comedy Central.
I don't want knowledge. I want certainty. - Law, David Bowie