Monday, March 27, 2006

 

Trojan Rootkit Credit info Theft scandal

ItVibe.com

Trojan horses steal bank details, passwords
By Dawn Kawamoto

Story last modified Mon Mar 27 06:51:18 PST 2006
News.com.com

Sana Labs discovered the other Trojan, which is distributed alongside a rootkit that hides it. The malicious software spreads via the Alcra worm, which directs infected Microsoft Windows PCs to Web sites where the programs are downloaded, Sana said.

The Trojan is able to unearth passwords and usernames used previously on a machine and does not have to track keystrokes, according to Sana. The security company said it has discovered 37,000 usernames and passwords, the majority for social networking Web sites, on log files in 7,000 locations.

Once the malicious software is loaded onto a PC, it communicates with a Russian Web server, which stores the usernames and passwords gleaned by the Trojan.

============ The 5 five firms who detect the new threat =============
Sana said the Trojan is well hidden by the kernel-level rootkit and that because of this, some antivirus programs may have difficulty detecting it. The company said that as of Monday, only five security applications--UNA, VBA32, Sophos, NOD32 version 2 and eTrust-Vet--were able to detect the threat.
================================================
copyright ©1995-2006 CNET Networks, Inc

Microsoft warns of critical Internet Explorer bug
Monday, March 27, 2006 at 20:51 by Andy Holliday
Itvibe

Dangerous new exploits in Internet Explorer could put PCs and data at risk, Microsoft has confirmed.

All three flaws affect the software giant's Internet Explorer browser and the flaws - for which code has already been published on the internet, could be exploited to set an a virus free on the internet.

Potential viruses would come as an email attachment that conceals the code, or even redirect users to a site that will unleash the code on an unsuspecting person's PC, leaving the computer open to a remote attack. Once the PC is being controlled by a malicious user, it can then be used to launch attacks on other PCs which is also known as the machine being a 'Zombie'.

Microsoft said it would produce patches for the vulnerabilities in its next security update due on 11th of April, which shows that even fully patched versions of Internet Explorer 6 are vulnerable to the flaw, it seems, as are users with XP Service Pack 2.

Security firms said specially written websites and hijacked servers were already being used to host the malicious code that uses the loopholes to invade vulnerable machines.

In security bulletins about the trio of bugs, Microsoft played down the threat and said: "The attacks are limited in scope for now."

To avoid falling victim to any attack, Microsoft urged users to avoid websites they did not trust and to refrain from opening attachments on e-mail messages from unknown senders.
Article published by ItVibe

 

Credit info hijacked & fraud charges to card

Credit Card info hijacked on line part II

PKSER was a website that attempted to charge $400 to the hijacked credit card
Google
searching PKSER revealed links to comments about being ripped off and led to a young couple's blog site. This is their first hand story. . These card info thieves use a background info key logger and bot server. In my case, I did not interact or download anything.
WWW.CIO.in/news/

===== copied from blog site =====
Tate went on the computer and checked his bank account and finds that through 3 different transactions, $450 has been taken out of his account by some website.
*jaw drop*

So it's this website called PKRSER dot COM. We look it up and it doesn't exist. Then we find one website that says "if you have been billed by us and have ?'s please call ----. We call it and it is some middle-eastern call center that right away tries to get credit card info from us! I act a bitch and they finally slip up that they work for various gaming sites! This explains everything.

Yesterday Tate and I watched some "Celebrity Poker" and it looked fun. At every commercial break they advertised this website called pokerstars.net where you can play for free and learn how to play well. I had downloaded the program and played for a whole 10 minutes. All the info I had given was my name and my email addy. They somehow hacked into our computer and got Tate's bank info and jacked his money!

So between frantic calls to my parents, his parents, and the police we now have filed a police report, we're calling someone who works at the bank tomorrow so we can stop the transactions and we are going to reformat the computer. Hopefully we can stop this shit in time and we get our money back! If not, hopefully the bank has insured Tate and he gets it back regardless. Damn, damn, damn.

==== RULE: do not download free poker game ==== TG
= WARNING =
You can see interesting info in a search with Google or Yahoo, but do not go to the actual site or you will likely infect your computer with a *Stealth Keylogger* Trojan that interacts with an auto-bot server.

The other site PsolLtd dot com, that attempted to charge $380, produced a page full of jibberish. The translator did not work. I suspect the page was in a middle east Sanskrit or something non-translateable. TG

Sunday, March 26, 2006

 

Credit card online fraud scandal

Credit card on-line use update
Online card use is stealth logged & never secure
March 25th

Before I began using my least popular credit card online, I expected it would be hi-jacked sooner or later.

So the card ceiling was lowered to very low, by telephone.

As expected, after about one year of use, the card was refused for a $19.95 software renewal.

The card company calmly accepted my news that the card had been compromised and promptly offered to open a new account in view of a good credit standing.

Now if a key stroke logger has fed your pin info back to a server bot, then the last thing you want is to use a new card on the same computer. Makes you wonder how deep the heads of the card companies are in the sand.

One refused charge against the card for $400 was made from an UK based server.

Second refused charge against the card for $380 was made in Israel.

Third allowed charge was for $1.19. I found this comical. Frustrated at the two refusals, I could imagine them buying a chocolate bar, just to see if the card had any value at all.

The value open to theft between the $190 owed on the card and the limit, was about $300. The crooks only managed to charge a $35.00 debit to the card, the $400 and $380 were above the approximate $300 limit window.

This card, and most cards in general do not charge fraud debits back to the cardholder. Visa says charges would be barred due to *out of area*.

The key logger thieves know:

[1] The credit card account number.
[2] the expiry date.
[3] the last 3 numbers of the code on the reverse side.
[4] the correct name of the card holder.
I don’t think they know or require the bank related PIN.

That info allows fraudulent use of the card.

Information like mother*s or father*s name for security validation, your sin number, and other sensitive data is not required at the time of on-line card buying.

Usually this info is listed at the bank when you open your card account. Can thieves find this extra info on your computer?

When a credit card is compromised online like this, one has to wonder what additional information they have that could allow the theft of one*s identity.

At the very least , your birthdate, your parent*s name, your birthplace and your postal code would be required. Keep personal info off your *on line* computer.

Data that you do not enter during an online card purchase.

Add to this information the recent news that stealth Trojans can be downloaded through your router firewall and malware software, just by one browser view of a webpage. No button presses from you are required.

============= Conclusion ==============
Credit card use on the internet is no longer secure and we should not do it. The banks would refute this, but you judge for yourself.
====================================

Stealth logger information

Hackers have been using a Trojan – whose sophistication would put professional IT departments to shame – to quietly steal bank-account details on hundreds of thousands of computers worldwide.

For weeks, customers of large banks in the UK, Spain and Germany have been duped by phishing emails into installing the MetaFisher Trojan and putting their machines under the control of one of the most sophisticated *botnets* known so far.

*This is one of those big, under-the-radar threats that we've been concerned about,* said Ken Dunham, director of the rapid response team at VeriSign's iDefense unit. *There has been a trend away from big-bang attacks to very targeted and sophisticated attacks that take place right under your nose. This is one of them.* TG
http://TonyGuitar.blogspot.com

Saturday, March 18, 2006

 

Iran blinks, good news

Ganji has been released after 6 years confined!

http://ReleaseGanji.net

WWW.Forbs.com

Iran is getting the message at last.. The force of the recent insurgency clean-up north of Baghdad may have been noticed by AMADinejad via Al-Jazeera TV.

Posts similar to mine on Persian blogsites to the effect that the US must give Iran 6 days notice before installing the *Green Glow* that makes street lighting unnecessary. [ tongue in cheek], may have made for a little uneasiness in some of the fundamentalist clerics minds.

Ganji, looking like death warmed over, due to his hunger strike, came into TV camera view exclaiming how he was abused and pouring vitriol on his captors. He has no fear of death.

TV cameras showed Ganji and his wife, and others smiling broadly and very happy.

Whatever, it is good news.

Good news for the Military. A sign that Iran is backing away from AhMadinejad*s offensive stance.

It would be better news if Iran got killers like Muqtada Al-Sadr and his *Black headbands* to back off. Support for *Ransom Grabbers* only draws the bead onto Iran as a viable target.

10words.ca TG

Friday, March 10, 2006

 

Comox100.typepad.com Guitar etc.

The guitar for sale at Comox100.typepad.com is similar to this one but with gold machines and a dark pick guard. TG


Similar to this but with pick guard Posted by Picasa Keep in mind that Comox100.typepad.com is a website for local buy & sell stuff as well as local news chat. Goods and exchange are in person and in cash. Cheques are a potential for problems, so please avoid using them. OK? TG

 

Comox Valley Courtenay Comox100

Hey, I just remembered!

You can place your wordy ad in the comments for free at:
Comox100 dot typepad dot com

The local [syndicate] paper wanted $94.00 for two small want ads,4X, so Voila! Now we have this free bulletin board, free want ad site. [Local only, however.]

This may fill the vacancy left by the missing board at the Driftwood mall and Teleshop. Boy, do I miss Teleshop. TG

Saturday, March 04, 2006

 

Jihad , cartoons, Muslims and Intefada

We see video on CNN showing rampaging Muslims around the world. In Europe, the Middle East, the Pacific Rim ... Muslim Mobs spreading mayhem.  It seems that these mighty mad Muslims are rioting and firing their ever-present AK-47s into the air because of cartoons.  This latest epidemic of Muslim outrage comes to us because some newspapers in Norway and Denmark published some cartoons depicting Mohammed.

Muslim outrage huh. OK ... let's do a little historical review.
Just some lowlights:
[1] Muslims fly commercial airliners into buildings in New York City. No Muslim outrage.

[2] Muslim officials block the exit where school girls are trying to escape a burning building because their faces were exposed. No Muslim outrage. *******************************************

[3] Muslims cut off the heads of three teenaged girls on their way to school in Indonesia. A Christian school. No Muslim outrage.

[4] Muslims murder teachers trying to teach Muslim children in Iraq. No Muslim outrage.

[5] Muslims murder over 80 tourists with car bombs outside cafes and hotels in Egypt. No Muslim outrage.

[6] A Muslim attacks a missionary children's school in India. Kills six. No Muslim outrage.****************************************

[7] Muslims slaughter hundreds of children and teachers in Beslan, Russia. Muslims shoot children in the back. No Muslim outrage.
******************************************

[8] Let's go way back. Muslims kidnap and kill athletes at the Munich Summer Olympics. No Muslim outrage.

[9] Muslims fire rocket-propelled grenades into schools full of children in Israel. No Muslim outrage.


[10] Muslims murder more than 50 commuters in attacks on London subways and busses. Over 700 are injured. No Muslim outrage.

[11] Muslims massacre dozens of innocents at a Passover Seder. No Muslim outrage.

[12] Muslims murder innocent vacationers in Bali. No Muslim outrage.

[13] Muslim newspapers publish anti-Semitic cartoons. No Muslim outrage

[14] Muslims are involved, on one side or the other, in almost every one of the 125+ shooting wars around the world. No Muslim outrage.

[15] Muslims beat the charred bodies of Western civilians with their shoes, then hang them from a bridge. No Muslim outrage.

[16] Newspapers in Denmark and Norway publish cartoons depicting Mohammed. Muslims are outraged.

[17]
Dead children. Dead tourists. Dead teachers. Dead doctors and nurses. Death, destruction and mayhem around the world at the hands of Muslims .. no Muslim outrage ...

Is this really about cartoons?

They're rampaging and burning flags.
They're looking for non-Muslims to kidnap. They're threatening innkeepers and generally raising holy Muslim hell not because of any outrage over a cartoon.

They're outraged because it is part of the Islamic jihadist culture to be outraged. You don't really need a
reason. You just need an excuse. Wandering around, destroying property, murdering children, firing guns into the air and feigning outrage over the slightest perceived insult is to a jihadist what tailgating is to a Steeler's fan.


I know and understand that these bloodthirsty murderers do not represent the majority of the world's Muslims.

When, though, does the majority become outraged? When do they take to the streets to
express their outrage at the radicals who are making their religion the object of worldwide hatred and ridicule?

Islamic writer Salman Rushdie wrote of these silent Muslims in a New York Times article three years ago.

"As their ancient, deeply civilized culture of love, art and philosophical reflection is hijacked by paranoiacs, racists, liars, male supremacists, tyrants, fanatics and violence junkies, why is the majority not screaming?"

Indeed. Why not?

Kurt Westergaard, Cartoonist **************************************** Kurt Westergaard is the cartoonist who drew Mohammed with a bomb in his turban.  He has gone into hiding, but has now expressed his opinion for the Muslims who have forced him to do so. - REG   TG

This page is powered by Blogger. Isn't yours?

Get your Google PageRank