Tuesday, February 22, 2011

New financial malware hijacks online banking session after user logs out

There are many reports today about a new, sophisticated type of financial malware called “OddJob” that will hijack a user’s session after they have logged out of their online banking account to commit fraud. According to reports from Trusteer, there are a few things that are noteworthy about the attack:



* The criminals do not actually need to log in to the compromised online banking account; they simply extend the user’s legitimate online banking session in the background to commit fraud. No keystroke logging needs to take place.
* The malware resides in the browser itself, and can intercept GET and POST requests, terminate connections, and inject data into web pages.
* OddJob is able to intercept and block the user’s logout request from being sent to the server. The user thinks they are logged out, but the malware continues to stay logged in so that the criminals can conduct a variety of banking operations.
* Finally, the malware’s configuration is not saved to disk, where it could be detected by an AV scanner. Each time the browser launches, a fresh copy of the configuration is retrieved from the C&C servers.

According to Trusteer, the malware has already been targeting users of banks in the US, Denmark and Poland. One tactic that the fraudsters could use to target particular banks is to compromise the bank’s website and inject drive-by-download code (with OddJob as the payload). Then, any user that visited the bank’s compromised website would have OddJob running on her machine. The next time that that user logged into her online banking account, OddJob would kick in and start conducting fraudulent transactions. This tactic of distributing OddJob as a drive-by-download from the bank’s own website would enable the criminals to compromise a large number of user accounts all at once. As fraudsters continue to target financial institutions, it is crucial that banks monitor their own websites for malware to avoid a mass compromise of user accounts with malware such as OddJob.
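The monitoring recommended above can start with an audit of the active content a page serves, compared against a reviewed baseline. The following is an added example, not code from the original post or from Trusteer; the hostnames, baseline digest and sample pages are constructed assumptions.

```python
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed baseline (assumption): hosts allowed to serve active content,
# and SHA-256 digests of inline scripts reviewed at release time.
ALLOWED_HOSTS = {"www.bank.example", "static.bank.example"}
KNOWN_INLINE = {hashlib.sha256(b"initMenu();").hexdigest()}

class ActiveContentAudit(HTMLParser):
    """Flags off-site script/iframe/embed/object sources and unreviewed inline scripts."""
    def __init__(self):
        super().__init__()
        self.findings, self._inline, self._buf = [], False, []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        src = a.get("src") or a.get("data")
        if tag in ("script", "iframe", "embed", "object") and src:
            host = urlparse(src).hostname  # None for relative (same-site) URLs
            if host is not None and host not in ALLOWED_HOSTS:
                self.findings.append(("unexpected-host", tag, src))
        elif tag == "script":
            self._inline, self._buf = True, []

    def handle_data(self, data):
        if self._inline:
            self._buf.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._inline:
            self._inline = False
            body = "".join(self._buf).strip()
            digest = hashlib.sha256(body.encode()).hexdigest()
            if body and digest not in KNOWN_INLINE:
                self.findings.append(("unknown-inline-script", digest[:12], body[:40]))

def audit(html):
    parser = ActiveContentAudit()
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample pages: the reviewed release and a copy with added content.
CLEAN = ('<html><head><script src="/js/app.js"></script>'
         '<script src="https://static.bank.example/m.js"></script>'
         '<script>initMenu();</script></head><body>Login</body></html>')
TAMPERED = CLEAN.replace("</body>", '<iframe src="http://cdn.injected.invalid/x">'
                         '</iframe><script>unreviewed();</script></body>')
```

Running `audit()` on each fetched page from a scheduled job and alerting on any non-empty result gives an early signal that served content has drifted from the reviewed release.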

7 comments:

  1. www.ubuntu.com

    works great, and this trojan can't work on it....

    Well, I take that back. Install the Wine packages and then run the winetricks.sh to install Internet Explorer and you can get this working under Linux.

    Sorry, there is no non-techie way to get this trojan working under Linux. I guess you will have to suffer with a more secure OS for your banking, instead of complete Windows compatibility with the insecurity.
  2. I think we need to bring more ideas for this purpose. Involvement of young people can be handy in this regard. I am happy to find a good post here. Thank you..
  3. http://youtu.be/AufWWR_WIf8
    this chance may not come again.

  4. Nice blog, hi friend, I found that there is one website offering free puzzle games. Just take one minute to sign up, then you will receive one free puzzle game. Its URL is http://www.684899.com/en/CosmicCreature/project_1.htm I've done it and now I am enjoying it. Would you like one?

  5. Thanks for sharing such useful information. The information provided is very very niche. I was just surfing on the internet and found your blog; after reading this I realize that I should come here often.

  6. Works great, and this trojan can't work on it...
    Stay alert and be cautious from these infectious e links and web site.
