Hi, >> But Steve, generic malware runs on your PC or in your browser. If >> they wanted to steal card numbers, they'd steal card numbers today, >> from the browser or by key logging, before the numbers got TLS-ed. >> Since they don't do it now, I don't see any reason to think they'd do >> it if it were easier to steal them other places. > > Do you have any data to support your assertion that malware isn't > stealing credit card numbers from individual PCs?
Wasn't there a paper on the underground economy that investigated such things by monitoring drop zones? And they found CC numbers, I thought? I could be wrong. I can't remember the title, but Thorsten Holz was one of the authors (no, not a relative of mine). Ralph -- Dipl.-Inform. Ralph Holz I8: Network Architectures and Services Technische Universität München http://www.net.in.tum.de/de/mitarbeiter/holz/
signature.asc
Description: OpenPGP digital signature
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
