locked
Silent Banker Trojan RRS feed

  • Question

  • There has been a lot of talk about a threat to 400 banks but I have seen nothing on the Live One site to put my mind at rest. Does anyone know anything about the silent banker trojan horse? Does Live One protect against it?

    Thanks
    Sunday, January 20, 2008 2:45 AM

Answers

All replies

  • There's a class of Trojans that has been around since early 2007 that OneCare's malware protection engine knows about. Here's one of the latest variants - http://www.microsoft.com/security/portal/Entry.aspx?ThreatId=-2147367388

     

    -steve

    Sunday, January 20, 2008 3:29 AM
    Moderator
  • Thank You for your prompt response, however, I am referring to a new threat that was posted in newspapers over the last few days. Symantec has responded to this threat but I see no ackowledgement by Microsoft. The following is from Canada.com on January 17. A google search will indicate several similar articles highlighting the same problem.

    "Unlike conventional cyber banking frauds - where bank clients are steered to a bogus website masquerading as their bank's online pages - in this scam, the hacker uses the genuine bank website and is able to manipulate the user's account, steering payments into a hacker's account or cleaning out the entire bank funds altogether. It also can be used to steal credit card information and passwords.

    When a banking client signs onto his or her banking website, the hacker is a silent third party"

    "Huger said the current attack has been under way for about four days, and while he said Symantec has seen it try to infect thousands of its customers, the company's security software has stymied the attempts.

    However, computer users who don't have up-to-date anti-virus security software installed, or who haven't updated their Web browsers to fix flaws that are allowing the Trojan to proliferate, are open to attack.

    "It sits on the website and, unbeknownst to you, it downloads to your system," said Huger, who added that the hackers behind silentbanker are probably also trying to send it out via emails."



    It seems that the software sits between the keyboard and the application and allows the hacker to get copies of all the data sent back and forth to the secure bank site. This makes a mockery of SSL security because the user is actually still using the real Bank site. Since the major newspapers have been carrying the story there is a lot of confusion and many people are not doing on-line banking until they are sure they are not infected.

     It would be reassuring to know that Windows Live One is aware of this problem and that customers are protected from this New Trojan threat being called "Silent Banker"



    Thanks


    Sunday, January 20, 2008 2:40 PM
  • Yes, that's the same class of Trojan. I can't tell you that you are 100% protected, but I believe that OneCare does protect against this threat. I recommend contacting the PC Security line if you are in North America, you can call 866-727-2338. See http://www.microsoft.com/protect/support/default.mspx  for details.  For international information, see your local subsidiary Support site.

     

    -steve
    Monday, January 21, 2008 3:22 AM
    Moderator