TechSpot

Evil Spyware Pop-Up Ad

By Phantasm66
Jun 29, 2004
  1. Security researchers have discovered a malicious program that installs itself through a pop-up ad and can read keystrokes and steal passwords when victims visit any of nearly 50 targeted banking sites.

    Security experts at the Internet Storm Center have studied the "img1big.gif" trojan file, and have discovered it to target a long list of banks and attempted to steal the account information of those institutions' customers.

    More here.
     
  2. poertner_1274

    poertner_1274 secroF laicepS topShceT Posts: 4,745

    Wow, so this is one that can log 'REAL' bank sites. That's not good. At fist read I thought it was just the fake ones you get emails about all the time.
    Better be extra careful out there...
     
  3. jshields13

    jshields13 TS Rookie Posts: 128

    Interesting. I would think that if one has a pop up blocker that this would not be a problem.
     
  4. poertner_1274

    poertner_1274 secroF laicepS topShceT Posts: 4,745

    It depends on what kind of trojan it is. If it sees www.usbank.com or something of the sorts, it could enable the keylogger and log the username and password. Doesn't necessarily have to be a pop up for it to work.
     
  5. Mictlantecuhtli

    Mictlantecuhtli TS Evangelist Posts: 4,919   +9

    It monitors the following sites:

    .commbank.com.au
    .citibank.com
    .stgeorge.com.au
    .bendigobank.com.au
    .anz.com
    national.com.au
    westpac.com.au
    .hsbc.com.au
    barclays.co.uk
    lloydstsb.co.uk
    citibank.com.au
    .online_banking.standardchartered.com.hk
    www.ebank.iba.com.hk
    www.dahsing.com
    www.citibank.com.hk
    .hsbc.com.hk
    .deutsche_bank.de
    .citibank.de
    .sparkasse_banking.de
    banking.lbbw.de
    dit_online.de
    .dab_bank.com
    www1.bmo.com
    www.scotiaonline.scotiabank.com
    cibconline.cibc.com
    www1.royalbank.com
    easyweb.tdcanadatrust.com
    suncorpmetway.com.au
    cd.citibank.co.ae
    ebank.uae.hsbc.com
    banknetpower.net
    nbd.ae
    online_banking.standardchartered.ae
    standardchartered.com
    www.cbdonline.ae
    www.arabi_online.com
    banking.mashreqbank.com
    www.unb.com
    online.nbad.com
    pbg1.edc.citiaccess.com
    www.privatebank.citibank.com.sg
    ekocbank.kocbank.com.tr
    internetsube.akbank.com.tr
    hercules.pamukbank.com.tr
    www.alahlionline.com
    www.samba.com
    www.almubasher.com.sa
    www.sabbnet.com
    .e_gold.com
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.