[IS&T Security-FYI] SFYI Newsletter, November 7, 2008
Monique Yeaton
myeaton at MIT.EDU
Fri Nov 7 16:57:51 EST 2008
In this issue:
1. Trojan Horse Strikes Again
2. Passport Application Data Theft
3. Spam Attacks Using U.S. Election as Lure
-------------------------------------
1. Trojan Horse Strikes Again
-------------------------------------
Researchers have uncovered a trove of financial account data stolen by
a Trojan horse program known as Sinowal over the last several years.
As many as half a million accounts have been compromised; more than 20
percent were stolen in the last six months alone. Sinowal, which is
also known as Torpig and Mebroot, spreads through websites onto
unpatched PCs without any user interaction. That the Trojan had been
operating for nearly three years has been called "extraordinary." It
lies in wait on infected PCs; when a user enters a banking URL, it
offers up a phony site to collect the pertinent data and then sends
the information back to a drop server.
Read the full story:
<http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9118718&intsrc=hm_list
>
-------------------------------------------
2. Passport Application Data Theft
-------------------------------------------
The U.S. State Department has notified 383 people that their personal
information supplied when applying for a passport may have been
compromised. A man arrested earlier this year was found to have
credit cards in nearly 20 different names; several passport
applications in his possession matched the names on some of the
cards. The information from the applications was allegedly used to
open the fraudulent credit card accounts. The suspect told
authorities at the time that he had two accomplices, one at the State
Department and the other at the U.S. Postal Service.
Read the full story:
<http://www.msnbc.msn.com/id/27475651/>
<http://www.washingtonpost.com/wp-dyn/content/article/2008/10/30/AR2008103004716_pf.html
>
--------------------------------------------------------
3. Spam Attacks Using U.S. Election as Lure
--------------------------------------------------------
You may have noticed (if you look in your spam folder, or if these
emails make it past your spam filter) that a lot of spam is making use
of this week's historic U.S. election outcome to download Trojans or
do other nasty things to you or your computer. Here's a run-down of
the subject lines I received in my spam folder in just the past few
days:
World Welcomes Obama's Win
Obama Wouldn't Be First Black President
Obama's Father Died
McCain's Mother Was Shot in Public
Another spam message apparently has a video featuring Obama's
acceptance speech. Once users open the link, a Web site actually links
to a file called adobe_flash_exe, a malicious Trojan downloader
designed to distribute information-stealing software on unsuspecting
victims' computers. Upon execution, the compromised machine receives a
Rootkit that sends the user's personal data to numerous command and
control centers.
The story about the Rootkit can be read here:
<http://www.crn.com/security/212000813>
Sensational stories that feed on our interests are a strong lure and
spammers know this. If you don't recognize the "from" address, it's
best to not open these emails. In other words, my warning is
"curiosity killed the cat" (sorry, cat).
=========================
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://web.mit.edu/ist/security
---------------------------------------
Important: DO NOT GIVE OUT YOUR PASSWORDS!
Ignore emails asking you to provide yours. IS&T will *NEVER* ask you
for your password.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20081107/ea60dca7/attachment.htm
More information about the ist-security-fyi
mailing list