In Brazil there are a lot of trojans similar to the one Steven mentioned, almost all of them targeted at different national banks.

A while back they worked as "external pop-ups", as we named them. That is, they appeared on top of the browser, appearing visually like when you are asked for your credentials by the bank (although many times they ask for all your data, including SSN). Nowadays they are more advanced; we have seen trojans lately that close the browser and open a window just like IE and then navigate the bank's site inside. When it comes to entering the credentials, it shows more fields to fill in than normal.
They often come with keyloggers too, to steal your PIN number as you enter it.
That made the banks use virtual keyboards, entering the PIN with the mouse on screen, to avoid entering PIN numbers via the keyboard. Then the bad guys started using mouse loggers that capture a tiny square with every mouse click.

The captured data are sent via SMTP, FTP or via an HTTP POST.

The latest trick is to encrypt the captured data with AES although the key is fixed in the code ;-)




Steven M. Bellovin wrote:

There's been a lot of discussion about how to strengthen cryptography and authentication, to get away from problems of phishing, pharming, etc. But such approaches can take you only so far, as this link indicates:

http://www.lurhq.com/grams.html

Briefly, it's a Trojan that waits for you to log into E-Gold, checks your balance, and drains your account except for .004 grams of gold.
--
Mads Rasmussen
Security Consultant
Open Communications Security
+55 11 3345 2525



---------------------------------------------------------------------
The Cryptography Mailing List