A new hacking method is causing concern for the lengths it goes to avoid detection by security software and researchers. The attack involves a website that has been hacked to host malicious code, an increasingly common trap on the Internet. If a user visits one of the sites with an unpatched machine, it’s possible that the computer can become automatically infected with code that can record keystrokes and steal financial data typed into forms.
Read more…
The illegal transfer of almost US$450k out of the municipal funds of Carson City Nevada, using credentials stolen by keystroke logging, was thwarted last week only after US$45k had been lost. Apparently the thieves targeted the personal computer of municipal Treasurer Karen Avilla, and thereby obtained critical passwords which they used to divert funds by electronic transfer.
Read more…
Three variants of a smartphone Trojan, which requires less user interaction than previous mobile malware to infect devices, have been seen in the wild, according to security experts.
Different forms of the Viver Trojan, or Trojan-SMS.SymbOS.Viver, were placed on a popular file-sharing site, disguised as a photo editor and a set of video codecs, the security specialist said.
Read more…