[olug] FDIC warning / CrimeWare EULA

Rob Townley rob.townley at gmail.com
Wed Nov 4 12:13:50 UTC 2009


Because the FDIC warning doesn't come up as easily as I thought in a
Google search, I put some links below.  RSA keyfobs don't protect you.
The crimeware modifies your bank website appearance so that your banking
balance appears normal.  Zeus and URLZone are two of the newer versions of
online banking crimeware.

Of course, no AntiVirus software detects the crimeware until you
violate their EULA:  “In cases of violations of the agreement and
being detected, the client loses any technical support. Moreover, the
binary code of your bot will be immediately sent to anti-virus
companies.”
http://blogs.techrepublic.com.com/security/?p=2464

MPack, IcePack crimeware
Know Your Enemy:
Behind the Scenes of Malicious Web Servers
http://old.honeynet.org/papers/wek/KYE-Behind_the_Scenes_of_Malicious_Web_Servers.htm
http://www.honeynet.org/node/186



http://www.fdic.gov/news/news/SpecialAlert/2009/sa09147.html
These types of malicious code, or "crimeware," can infect business
customers' computers when the customer is visiting a Web site or
opening an e-mail attachment.



MoneyMule / SecretShopper Job
Criminal will originate unauthorized EFTs from a victim's account to a
money mule's deposit account. The money mule is then instructed to
quickly withdraw the funds and wire them overseas after deducting a
"commission" (commonly eight to ten percent).
http://www.fdic.gov/news/news/SpecialAlert/2009/sa09185.html



Linux privilege escalation C source code.  Old, but there was a NULL
pointer vulnerability Linus patched himself in the kernel and the C
runtime just this year.
http://www.isec.pl/vulnerabilities/isec-0013-mremap.txt


Certified Live Linux CDs that can only navigate to particular websites
as well as Authenticating The Transaction are necessary.


