Slashdot Mirror

← Back to Stories (view on slashdot.org)

New IE Malware Captures Passwords Ahead Of SSL

Posted by simoniker on from the tricky dept.

Ken Treis writes "SANS Internet Storm Center is reporting on a new strain of IE Malware. This one targets bank customers, which in itself is nothing new. But the catch is in the way it does it: it installs a Browser Help Object (BHO) that can capture login information before it is encrypted, and 'watches for HTTPS (secure) access to URLs of several dozen banking and financial sites in multiple countries.'."

18 of 986 comments (clear)

  1. fp by Joey+Patterson · · Score: -1, Offtopic

    fp

  2. Coward by Anonymous Coward · · Score: -1, Offtopic

    fr1st p9st!

  3. uh oh by Anonymous Coward · · Score: -1, Offtopic

    OH damn, bad news.

  4. Re:Coming events by Anonymous Coward · · Score: 0, Offtopic

    Personally, I use Opera on Linux, and Safari on MacOS X.

  5. Re:First Post by uberfruk · · Score: -1, Offtopic

    you lose

    ha-ha

  6. Re:Let's not be hasty... by HeghmoH · · Score: 1, Offtopic
    And is everyone here is just assuming that information is authentic? That could just be some poor random schmuck whose name got used by someone else (identity theft happens), so let's not start any DDOS or Phone tree attacks on the guy. Or for the more dense:
    "You! Step away from the wardialer! NOW!"

    --
    Your lucky number is 3552664958674928. Watch for it everywhere.

    It's ok. I'll just wardial the number in your sig instead.
    --
    Mod down posts with a "Free Mac Mini/iPod" sig, they're spam!
  7. Remember the source code theft? by Yaa+101 · · Score: 1, Offtopic

    It seems that some people have been studieng...

    It looks like hunting season has been opened...

    IE users, do yourself a favor and start listening to all the bright people on here telling you to use Firefox or Opera...

    I use Phoenix/Firebird/Firefox since 0.4 and am happy since.

  8. Fine, bitch to the owner of the netblock by Theatetus · · Score: 1, Offtopic

    Unlike the domain name, that will not be fraudulant:

    host www.refestltd.com
    66.226.64.11

    whois 66.226.64.0
    Abacus America Inc.
    ABAC
    5276 Eastgate Mall
    San Diego
    CA
    support@aplus.net

    --
    All's true that is mistrusted
  9. Re:Coming events by jumpingfred · · Score: 0, Offtopic

    Why does fire fow sometimes have the slashdot text appear over the menus and links to the right of the posts? IE and opera don't have this problem.

  10. I'll switch by KalvinB · · Score: -1, Offtopic

    when Mozilla/FireFox fix the caching problem (how hard is it to use the url as part of the cache file name?) and when they unbreak JavaScript. Who knows what else is broken.

    Older versions of Moz/FF work fine with my JavaScript 3D pages. The latest versions don't. It's kind of hard to imagine a good reason why something that worked as it was supposed to in an older version no longer works.

    In the mean time I use IE exclusivly and have never had any problems.

    Ben

    --
    Work Safe Porn
  11. Re:Coming events by Anonymous Coward · · Score: -1, Offtopic

    Anonymous replies go unread. Have something to say? Log in.

    So your real name is Fuzzy Bad Mofo? Or could one say that you are posting anonymously?

    My real name is Miss Information.

  12. Re:Coming events by cyfer2000 · · Score: 0, Offtopic

    and here firefox on OS X.

    BTW, this is my first post of the day, and slashdot.org told me to slow down because I just posted one 18 seconds ago, could this be a bad signal?

    --
    There is a spark in every single flame bait point.
  13. Re:Coming events by edsonmedina · · Score: 0, Offtopic

    Nope, you should just be smart about your office desktop's security settings and perhaps even use the browser-help-object (BHO) listing tool noted in the linked article: http://www.definitivesolutions.com/bhodemon.htm. I just checked my desktop, and it wasn't infected; so I'll still do banking online and continue to be wary of security issues.

    That could be translated to "Nope, i dont use a condom because I'm smart, i just carry a AIDS test and check my partners every time".

    Just plain dumb and inefficient.

  14. Re:Coming events by gphinch · · Score: 0, Offtopic

    replying to your sig more than the post..if you've ever lived in LA (Hollywood especially), that isn't much to live on. If you want to have any sort of relations with the females around here making that much is a bare minimum unfortunatley, and they pretty much always ask you how much you make within 5 minutes of striking up a conversation.

    --
    in bed.
  15. I agree (nt) by PeelBoy · · Score: 0, Offtopic

    noooteeexxtttteeekmoooo

  16. Re:Coming events by maddskillz · · Score: 0, Offtopic

    Testinf isn't a good idea...takes too long for the results to come back, ruining the mood

  17. Forward this to your coworkers, friends and family by Anonymous Coward · · Score: -1, Offtopic

    Dear Ann:

    My name is William Ballmer and I am president and founder of IENTD, a company that performs internet-based studies and reimburses people monetarily for their time.

    We are currently conducting research to compare the values of alternate web browsers on the Windows platform and would appreciate your participation in our study that will require no major effort on your part.

    The IENTD corporation will pay you $100.00 U.S. when you download, install and use the Windows version of the Mozilla Firefox browser for a period of 7 days. If you continue to use Firefox after that time period, IENTD will continue to pay you an additional $50.00 US for every day after the initial 7 days up to a maximum of 30 days.

    This is your opportunity to earn up to $1,600.00 U.S. just for surfing the web as your normally do, but with a different web browser that is even more secure and use-friendly than Internet Explorer!

    And there is no catch! The Firefox web browser is a completely free and secure web browser written by a well-known and trustworthy organization. It contains NO ad-ware or spy-ware of any kind and even features a built-in pop-up blocker so you can avoid those annoying pop-up advertisements. I've included links to news articles about this web browser for your peace of mind.

    What could be easier and as worry-free?

    At the end of our study, you will be asked to fill out a simple, 5-question survey with the option to opt-in for further studies such as this one which we may do in the future.

    I've included instructions for getting started below. We will automatically notify you after you begin using Firefox to confirm your $100.00.

    Thank you for your help. We look forward to working with you!

    PS - Please feel free to forward this e-mail to any of your co-workers, friends or family that use Windows and would be interested in participating in our study.

    Sincerely,
    William Ballmer
    IENTD President/Founder

    ----

    Download and install Firefox by following the instructions below:

    Please note: You must be currently using Windows and Internet Explorer to participate in our survey.

    1.) Go to http://www.mozilla.org/products/firefox/

    2.) Click the button labeled "Download Now!" (you may need to scroll down a little bit)

    3.) When the download completes, install the software by double-clicking the Firefox installer that downloaded (most likely located on your desktop) and follow the on-screen instructions.

    4.) Once the software is installed, launch Firefox, go to the TOOLS menu, and choose OPTIONS.

    5.) In the window that pops up, click the "General" icon. In the "Default Browser" section, click the CHECK NOW button and follow the directions to make Firefox your default web browser.

    Remember, in order to reimburse you, you must use Firefox as your web browser for a minimum of 7 days. Please make sure that you are using Firefox every time you surf the internet. You may want to even add Firefox to your Windows taskbar and/or remove any other web browser shortcuts just to be sure you don't accidentally run another browser by mistake.

    Thanks again for your help!

    -William

    ----

    Articles Discussing/Reviewing the Mozilla Firefox Web Browser

    http://www.pcworld.com/news/article/0,aid,114843 ,0 0.asp

    http://www.g4techtv.com/feature.aspx?article_key =4 6220

    http://www.madpenguin.org/cms/html/47/1695.html

  18. Re:Hello? Mods? by Anonymous Coward · · Score: -1, Offtopic

    YHBT. YHL. HAND.

    Love,
    bonch (aka Overly Critical Guy)