MBR Trojan Approaching the 3-Year Mark
bl8n8r writes "Still going strong since February 2006, the 'Sinowal' Master Boot Record infector (also called 'Torpig' and 'Mebroot' by various anti-virus companies) has compromised more than half a million financial accounts. An HTML injection engine adds fields to login pages to compromise credentials. Injection is triggered by the Web addresses — more than 2,700 bank and e-commerce sites are hard-coded into the malware. 'RSA investigators found more than 270,000 online banking account credentials, as well as roughly 240,000 credit and debit account numbers and associated personal information on Web servers the Sinowal authors were using to set up their attacks.' The majority of anti-virus and anti-malware scanners do not detect this threat."
Wow. ClamAV and AVG both detect Sinowal. Both are free as in beer and ClamAV is free as in speech.
My blog
read the story again, it links to virustools, which lists the 10 out of 35 vendors that made the detection. antivir did (mine, phew)
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
that supplies cd images online with their own mini boot os, updated monthly, that you download, burn, and then reboot into via cd
90% of users wouldn't bother. it's just a giant hassle. but amongst the ultraparanoid, which you are if you know even just a little about what goes on out there, it would be a nice peace of mind guarantor
of course, this product probably already exists. in which case PLEASE TELL ME WHERE ;-)
Why not simply boot into a live CD whenever you want to do online banking or other such sensitive tasks if you're that paranoid? Nearly all allow for writing to the hard drive, so it's not a problem to save any data you want around after the task is completed like online statements, etc. If you're really paranoid, use Anonym.OS put together by Kaos.Theory Security Research and based on OpenBSD with hard encryption and use of TOR as defaults?
Download here: http://sourceforge.net/projects/anonym-os/
More information: http://kaos.to/cms/projects/releases/anonym.os-livecd.html
Cheers!
Strat
Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.