Tuesday, September 30, 2008

In Limbo

RSA Consumer Solutions released information on a banking Trojan called Limbo. Evidently the Trojan is not new, but has become increasingly affordable on the underground malware market (US $350.00, down from US $5,000.00 two years ago.) What makes this piece of malware so insidious is that it uses HTML injection to add fields to your legitimately established on-line banking session. Criminals use this to ask for information such as your PIN, bank card number or other sensitive data. Because the actual connection is to your banks Web site, you would have no idea you were being phished except that the session is now asking you for information it didn't previously.
If you have family members and friends who do on-line banking (and who doesn't), I'd relay this information to them. Simply tell them there is a new "hack" circulating that could affect them doing online banking, even if they manually type in the address to the bank and get no SSL warnings. Tell them if their bank form asks them for information it didn't in the past, especially if it's their card number or PIN, close their browser and get technical help.

Details are here: http://www.itworld.com/security/55421/trojan-can-grab-extra-personal-banking-data

Blog Archive