ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Jobs
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


Security threats Toolkit

Password-stealing Trojan cut off at source

Zen Lee CNETAsia

Published: 07 Jul 2004 09:10 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

An attempt to pinch user information from banking sites using a malicious pop-up program has been nipped in the bud, says Symantec.

Last week, security experts uncovered a Trojan horse -- dubbed PWSteal.Refest by the security software maker -- which installs itself through a pop-up advertisement when users logged onto the Web sites of any one of nearly 50 targeted banks.

Once installed, the Trojan logs the keystrokes and passwords of its victims' computers and sends the data back to a Web site listed by the program's creators.

However, this ploy was foiled as the site which was meant to harvest the stolen information was quickly shut down, said Tim Hartman, Symantec Asia-Pacific's senior technical director.

As a result, Hartman said the company did not receive any reports of information theft from its Asian customers, particularly those in the banking sector.

While the PWSteal threat appears to have been contained, its emergence reflects the trend of exploiting Internet Explorer (IE) loopholes to turn Web sites into avenues of malware dissemination.

Last month, IE flaws were blamed for two other hacking schemes, one that turned some Web sites into points of digital infection, and another that installed a toolbar on victims' computers that triggered pop-ups.

In response, Microsoft has advised users to set their IE security settings to the highest. The firm also released a patch for the IE vulnerability last Friday.

CNETAsia's Winston Chai and News.com's Robert Lemos contributed to this report.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with Konica

Did you find this article useful?
65 out of 144 people found this useful


In association with Intel

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:






Related Jobs

RAD Developer SHAREPOINT .NET ROLL OUT - BANKING LONDON

Lead Architect - Banking

SENIOR DATABASE ADMINISTRATOR (ORACLE)

Sentry Posts Blog

Toshiba developing quantum repeater

Toshiba is developing a device it hopes will allow for global quantum key distribution. The company is developing a quantum repeater, a device to regenerate a quantum key once quantum... More

Post a comment

Nasa hacker loses last-ditch appeal

Self-confessed Nasa hacker Gary McKinnon has lost his appeal to Home Secretary Jacqui Smith against extradition to the US. In an email sent to ZDNet.co.uk on Monday, McKinnon's... More

3 comments

Up to 1.7m MoD personal details missin...

The potential number of people affected by the the loss of a hard disk containing MoD details could be a high as 1.7 million, defence minister Bob Ainsworth told parliament on Monday. In... More

1 comment

Featured Oracle Resources

Human Resources Management eBook

Supply Chain Management eBook

Design and Innovation Report

Economist Intelligence Unit Report - Technology and growth at mid-sized companies

See All White Papers