Developages - Development and Technology Blog

bрn8r writes “Still going strong since February 2006, the ‘Sinowal′ Master Boot Record infector (also called ‘Torpig’ and ‘Mebroot’ by various anti-virus companies) has compromised more than half a million financial accounts. An HTML injection engine adds fields to login pages to compromise credentials. Injection is triggered by the Web addresses — more than 2,700 bank and e-commerce sites are hard-coded into the malware. ‘RSA investigators found more than 270,000 online banking account credentials, as well as roughly 240,000 credit and debit account numbers and associated personal information on Web servers the Sinowal authors were using to set up their attacks.’ The majority of anti-virus and anti-malware scanners do not detect this threat.”

Read more of this story at Slashdot.

Original post by kdawson

This entry was posted on Saturday, November 1st, 2008 at 11:02 pm and is filed under security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.