Slashdot Mirror

← Back to Stories (view on slashdot.org)

Tigger.A Trojan Quietly Steals Stock Traders' Data

Posted by kdawson on from the where-the-money-is dept.

**$tarDu$t** recommends a Washington Post Security Fix blog post dissecting the Tigger.A trojan, which has been keeping a low profile while exploiting the MS08-66 vulnerability to steal data quietly from online stock brokerages and their customers. An estimated quarter million victims have been infected. The trojan uses a key code to extract its rootkit on host systems that is almost identical to the key used by the Srizbi botnet. The rootkit loads even in Safe Mode. "Among the unusually short list of institutions specifically targeted by Tigger are E-Trade, ING Direct ShareBuilder, Vanguard, Options XPress, TD Ameritrade, and Scottrade. ... Tigger removes a long list of other malicious software titles, including the malware most commonly associated with Antivirus 2009 and other rogue security software titles ... this is most likely done because the in-your-face 'hey, your-computer-is-infected-go-buy-our-software!' type alerts generated by such programs just might ... lead to all invaders getting booted from the host PC."

5 of 212 comments (clear)

  1. Re:Here's the sum total of the knowledge gained... by PCM2 · · Score: 4, Insightful

    Of course not. You should wait until they're at their 10-year peak and then buy them.

    --
    Breakfast served all day!
  2. Re:sourcing the problem by NeutronCowboy · · Score: 4, Insightful

    Err, no. You might have the most likely demographic right, but that's just because they contain the majority of crackers. As for the debt, it is very unlikely someone in that demographic managed to accumulate a lot of debt.

    What I'm pretty sure you got completely wrong is the acting alone part. You do not profit of this kind of targeted scheme by working alone. You either have a taskmaster who requested this info, or you know the people who will be able to profit from this info.

    Really, nice try, but I'm pretty sure you have no idea who the crackers really are, and how they operate. I don't know em personally either, but I've got enough experience with DSM and psychological profiling to call shenanigans on your assessment.

    --
    Those who can, do. Those who can't, sue.
  3. Re:sourcing the problem by commodoresloat · · Score: 5, Insightful

    Link it with possible terrorism to bypass the usual rules that would prevent a dragnet, and chances are good you find your man. At least, that's how I'd investigate.

    Well then thank goodness you're not investigating. Crap like this is the exact reason many of us were outraged at the Patriot Act and similar legislation; back in 2001-2 we argued that such legislation would become an easy way for investigators to ignore the Constitution for a host of other crimes. There's been plenty of evidence of that happening already, but it's rare to see someone openly advocate such an abuse of law -- usually, in fact, conservatives defended these laws by saying they would never be used against anyone but the most dangerous international terrorists.

  4. Re:Oblig... by cbiltcliffe · · Score: 4, Insightful

    The wonderful thing about tiggers
    Is tiggers are wonderful things!
    Their tops are made out of rubber
    Their bottoms are made out of springs!
    They're bouncy, trouncy, flouncy, pouncy
    Fun, fun, fun, fun, fun!
    But the most wonderful thing about tiggers is.....
    I'm the only one

    --
    "City hall" in German is "Rathaus" Kinda explains a few things......
  5. Re:Now what we really need... by DigitalCrackPipe · · Score: 5, Insightful

    I wonder how long it will be until a particular program updates a virus definition list or something similar to remove all other competing malware programs as they come into existence
    Such a malware product exists... it's called McAfee, and while it's not very good it does convince lots of people to pay money for it.