category
Bank fraud

Online Shopping and a Phishing Pheeding Phrenzy [2]

Phishing scams and online shopping. Part 2 of a three-part article on phishing scams old and new, and some of the ways to recognize the baited hook.

ATM Security? Don't bank on it.

The odds against losing money may be better with cash machines than fruit machines, but why neglect simple, obvious precautions?

All Carberp botnet organizers arrested

Carberp is a unique case, with all the guys who organized really big botnets and made big profits (millions of US dollars) being arrested.

Win32/Gataka: a banking Trojan ready to take off?

We have been following the development of the Win32/Gataka banking Trojan for several months and can now share some details of its operation which includes facilitating fraudulent bank transfers. This first post will highlight some of its key features, while the second will detail several interesting, more technical aspects of this malware. This banking Trojan

Smartcard vulnerabilities in modern banking malware

Aleksandr Matrosov and Eugene Rodionov presented their research into “Smartcard vulnerabilities in modern banking malware” at PHDays’2012.

Carberp and Hodprot: six more gang members held

Group-IB and ESET Russia assisted in the investigation that led to the arrest of 6 people suspected of stealing 125m roubles from bank customers in Russia .

Phishing Using HTML and Intranet Security Settings

Phishers always try to find new ways to bypass security features and trick ‘educated’ users. Over the years we have seen simplistic phishing attempts where the required information had to be typed into the e-mail body. This worked at that time because phishing was new and hardly anyone had a notion of the implications. Later,

Win32/Carberp Gang on the Carpet

Group-IB’s joint investigations with the FSB and MVD resulted in the arrest of a gang of eight accused of larceny, creation of malware, and unauthorized access.

Merchants push back on credit card breach fines

We've noted the often staggering fees associated with a credit card breach, normally accompanied by a slew of bad press. We've seen Stratfor, in light of their recent hack, dealing with public exposure issues due, in part, to unencrypted payment card information (for which, to their credt, they’ve publicly apologized for). Now we see a

CarrierIQ, keylogging and mobile payment systems

Recently we see allegations that CarrierIQ is quietly collecting more information than Android users bargained for. In one case, Trevor Eckhart thinks he proved that they register users’ keystrokes without the users’ knowledge for reasons subject to ongoing speculation. We certainly had no trouble finding the CarrierIQ software on an HTC phone, where it possessed

Kids’ computer game malware – Scammers stoop to new lows

There’s a new batch of malware making the rounds, this time directed at spreading banking malware through childrens’ games. Though it’s hard to imagine, the scammers are taking advantage of the naivete of kids, who may not be as skilled at detecting scams as their more seasoned parents. According to an article in Softpedia, the

Online Poker, Real Fraud

The United States Attorney Office for the Southern District of New York received a flurry of attention in April, 2011 when they unsealed an indictment against the three largest Internet poker companies in the United States—Absolute Poker, Full Tilt Poker and PokerStars—for fraud, gambling and money laundering.  Today, the USAO upped the ante with an

Android banking malware in the wild

Recently, we’ve noted a steep rise in Android malware and predicted the rise in banking malware, now we see another example in the wild, this time SpyEye. Trusteer has a good rundown on it, saying “It seems that SpyEye distributors are catching up with the mobile market as they (finally) target the Android mobile platform.

Android financial transactions on the rise – watch for malware

Awhile back we mused that the rapid rise in Android malware would hit its stride near the intersection of widespread mobile financial transaction use, and the continuing steep rise in adoption of the platform. Now we see AT&T, T-Mobile and Verizon entering a joint venture to back a payment service for, guess what: Mobile financial

Win32/Hodprot: Hot off the Press

A week or so ago we promised you a full paper expanding on our Hodprot is a Hotshot blog. That paper is now available.

1 in 20 mobile devices infected next year?

The mobile devices of late have more compute power than the full desktop PC of yesteryear, and they fit it your pocket, great news for folks “on the go.” And since you’re so multi-tasked anyway, why not load it up with things to make your life easier, after all, it’s really a phone with a

Government: “Fix the internet” with .secure

In an effort to deal with the security woes of .com websites, the U.S. Government has a solution: build a new “internet” around .secure instead. The problem? Apparently, people have too much freedom on the .com’s, allowing cyber-dirtbags to skulk around anonymously. This would aim to cure all that by requiring “visitors to use certified

EU to urge shorter data breach notification times

Following a string of data breach notifications which seem to be less than forthcoming, the EU is urging much stricter guidelines for data breach reporting timelines. It a recent article, European Commissioner Viviane Reding was shocked “that companies needed two or three weeks to inform people that their personal data had been stolen.” Recently I

Coreflood dries up

The US Department of Justice's announcement yesterday of the takedown of the command and  control (C&C) servers for the Coreflood bots (detected by ESET as Win32/AFCore) and seizure of their domains marks another step in the growing awareness that crime, whether it is committed with bullets or with botnets, is still crime.  This particular botnet,

Unencrypted Wireless: In Like a Lion, Out Like a Lamb

[C. Nicholas Burnett, the manager for ESET LLC's tier three technical support, contributed the following guest blog article on the FireSheep plugin for Firefox.  Thank you very much, Carl!  Aryeh Goretsky] The past several days have seen the security community abuzz about a program presented in San Diego at ToorCon 12 this last weekend called

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

26 articles related to:
Hot Topic
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.