Zeus3 Trojan quietly steals $1m from bank accounts

This scares the f**kout of me!

Governments and authorities of the world better rethink their positions on 'white hat' hackers. The good guys/gals doing stuff for fun can expose weaknesses and vulnerabilities before things get serious if only you didn't treat them like criminals. Perhaps then something like Zeus3 wouldn't even be an issue.

Interesting if true, interesting if not true. Sure think we would of heard a great deal more about it by now if the thefts really worked. Our Secuirity staff works on a lot of financial security issues, and I don't see how anybody could pull this off on a large scale. Think of all the thinks they would have to do right, Dudley.

Believe me, I know the feeling! I comfort myself with the old adage that, "he who steals my purse steals trash"...!

I absolutely loathe the jerk-offs who create viruses, worms and trojans whether to steal or to mess up your computer. I know the bulk of these are created in Russia or China, but if they are ever able to track down a western hacker who does this - I would have zero problem locking them up for life. After several days of torture, of course.

Really, I hear that. Besides, the Russians should stick to porn and online mail order brides. Those girls are HOT!

SWORDFISH?

Malware like Zeus can defeat two-factor authentication. If the host that you use to log into your online bank account is compromised, it doesn't matter how sophisticated your authentication mechanism is.


"Bank sites that offer two-factor authentication, such as one-time passcodes and ID tokens, are ineffective because the malware has taken over the browser after the victim has logged into the banking..."

Excerpted from http://news.cnet.com/8301-27080_3-20013246-245.html

Hide your money under the mattress, love that!

first thing next morning i'm taking out my 8 moneys! (joke)

it seems interesting,that this trojan can also throw up fake balances in accounts

I already said "swordfish."

haha! .. Its really freakin .. even transactions online are really fast. Hackers can also come to your doors as fast as it. Tokens are not enough.

maybe the programmer of the system is the culprit, 'cause he can create backdoor. But, that's only a guess. Don't take it seriously. ..hmm.. but I have a point ,,

If you are going to do online financial transactions the best method today is to have a separate physical machine, a live boot cd or at least a VM. Harden that machine; only use it for the financial transactions and keep it turned off when not in use. Do not use your general system (browsing, Office, gaming) for these type of transactions. This will severely limit the likelihood of getting malware.

Someday maybe the banks will come out with a highly secure VM that people can use for online banking.

Of course you could skip online banking in general.

hello ...

scary indeed, I may not have money in bank, but I use secured banking, i just hope it's enough.

I will work into strengthening my PC for this .. for i know till now it's all my fault / negligence that puts me at stake.

cheers!

Whew, good thing I'm not that loaded. Haha!