Slashdot Mirror

← Back to Stories (view on slashdot.org)

New IE Malware Captures Passwords Ahead Of SSL

Posted by simoniker on from the tricky dept.

Ken Treis writes "SANS Internet Storm Center is reporting on a new strain of IE Malware. This one targets bank customers, which in itself is nothing new. But the catch is in the way it does it: it installs a Browser Help Object (BHO) that can capture login information before it is encrypted, and 'watches for HTTPS (secure) access to URLs of several dozen banking and financial sites in multiple countries.'."

10 of 986 comments (clear)

  1. Re:Coming events by Anonymous Coward · · Score: 0, Offtopic

    Personally, I use Opera on Linux, and Safari on MacOS X.

  2. Re:Let's not be hasty... by HeghmoH · · Score: 1, Offtopic
    And is everyone here is just assuming that information is authentic? That could just be some poor random schmuck whose name got used by someone else (identity theft happens), so let's not start any DDOS or Phone tree attacks on the guy. Or for the more dense:
    "You! Step away from the wardialer! NOW!"

    --
    Your lucky number is 3552664958674928. Watch for it everywhere.

    It's ok. I'll just wardial the number in your sig instead.
    --
    Mod down posts with a "Free Mac Mini/iPod" sig, they're spam!
  3. Remember the source code theft? by Yaa+101 · · Score: 1, Offtopic

    It seems that some people have been studieng...

    It looks like hunting season has been opened...

    IE users, do yourself a favor and start listening to all the bright people on here telling you to use Firefox or Opera...

    I use Phoenix/Firebird/Firefox since 0.4 and am happy since.

  4. Fine, bitch to the owner of the netblock by Theatetus · · Score: 1, Offtopic

    Unlike the domain name, that will not be fraudulant:

    host www.refestltd.com
    66.226.64.11

    whois 66.226.64.0
    Abacus America Inc.
    ABAC
    5276 Eastgate Mall
    San Diego
    CA
    support@aplus.net

    --
    All's true that is mistrusted
  5. Re:Coming events by jumpingfred · · Score: 0, Offtopic

    Why does fire fow sometimes have the slashdot text appear over the menus and links to the right of the posts? IE and opera don't have this problem.

  6. Re:Coming events by cyfer2000 · · Score: 0, Offtopic

    and here firefox on OS X.

    BTW, this is my first post of the day, and slashdot.org told me to slow down because I just posted one 18 seconds ago, could this be a bad signal?

    --
    There is a spark in every single flame bait point.
  7. Re:Coming events by edsonmedina · · Score: 0, Offtopic

    Nope, you should just be smart about your office desktop's security settings and perhaps even use the browser-help-object (BHO) listing tool noted in the linked article: http://www.definitivesolutions.com/bhodemon.htm. I just checked my desktop, and it wasn't infected; so I'll still do banking online and continue to be wary of security issues.

    That could be translated to "Nope, i dont use a condom because I'm smart, i just carry a AIDS test and check my partners every time".

    Just plain dumb and inefficient.

  8. Re:Coming events by gphinch · · Score: 0, Offtopic

    replying to your sig more than the post..if you've ever lived in LA (Hollywood especially), that isn't much to live on. If you want to have any sort of relations with the females around here making that much is a bare minimum unfortunatley, and they pretty much always ask you how much you make within 5 minutes of striking up a conversation.

    --
    in bed.
  9. I agree (nt) by PeelBoy · · Score: 0, Offtopic

    noooteeexxtttteeekmoooo

  10. Re:Coming events by maddskillz · · Score: 0, Offtopic

    Testinf isn't a good idea...takes too long for the results to come back, ruining the mood