Tigger.A Trojan Quietly Steals Stock Traders' Data 212
**$tarDu$t** recommends a Washington Post Security Fix blog post dissecting the Tigger.A trojan, which has been keeping a low profile while exploiting the MS08-66 vulnerability to steal data quietly from online stock brokerages and their customers. An estimated quarter million victims have been infected. The trojan uses a key code to extract its rootkit on host systems that is almost identical to the key used by the Srizbi botnet. The rootkit loads even in Safe Mode. "Among the unusually short list of institutions specifically targeted by Tigger are E-Trade, ING Direct ShareBuilder, Vanguard, Options XPress, TD Ameritrade, and Scottrade. ... Tigger removes a long list of other malicious software titles, including the malware most commonly associated with Antivirus 2009 and other rogue security software titles ... this is most likely done because the in-your-face 'hey, your-computer-is-infected-go-buy-our-software!' type alerts generated by such programs just might ... lead to all invaders getting booted from the host PC."
Re:Here's the sum total of the knowledge gained... (Score:5, Insightful)
Of course not. You should wait until they're at their 10-year peak and then buy them.
time for 2-factor (Score:4, Insightful)
It is time for online financial institutions (brokerages and banks) to require real 2-factor authentication to log in to their sites. When I sign up for a bank account, I want them to mail me an ATM card with an embedded smartcard chip, along with a cheap USB smartcard reader. Alternatively, send a one-time-passphrase device like SecurID.
This may be a little expensive up front, but it would cut down on enough fraud that it might pay for itself.
Re:looks like it may be (Score:3, Insightful)
Re:time for 2-factor (Score:3, Insightful)
I want them to mail me an ATM card with an embedded smartcard chip, along with a cheap USB smartcard reader.
Thats just fine, but they most likely won't release drivers for it for anything other than Windows and perhaps OS X, so any BSD, Linux, or other alternate OS user gets left out.
Secondly, it would be trivial for an attacker to put in compromised drivers in the system that reads out all the secure info and forwards it to his website where he can duplicate all the secure keys and such.
Re:Here's the sum total of the knowledge gained... (Score:2, Insightful)
Re:sourcing the problem (Score:3, Insightful)
Someone likes their CSI
Re:sourcing the problem (Score:5, Insightful)
Err, no. You might have the most likely demographic right, but that's just because they contain the majority of crackers. As for the debt, it is very unlikely someone in that demographic managed to accumulate a lot of debt.
What I'm pretty sure you got completely wrong is the acting alone part. You do not profit of this kind of targeted scheme by working alone. You either have a taskmaster who requested this info, or you know the people who will be able to profit from this info.
Really, nice try, but I'm pretty sure you have no idea who the crackers really are, and how they operate. I don't know em personally either, but I've got enough experience with DSM and psychological profiling to call shenanigans on your assessment.
Re:sourcing the problem (Score:5, Insightful)
Link it with possible terrorism to bypass the usual rules that would prevent a dragnet, and chances are good you find your man. At least, that's how I'd investigate.
Well then thank goodness you're not investigating. Crap like this is the exact reason many of us were outraged at the Patriot Act and similar legislation; back in 2001-2 we argued that such legislation would become an easy way for investigators to ignore the Constitution for a host of other crimes. There's been plenty of evidence of that happening already, but it's rare to see someone openly advocate such an abuse of law -- usually, in fact, conservatives defended these laws by saying they would never be used against anyone but the most dangerous international terrorists.
Re:Hmm... (Score:4, Insightful)
It's only illegal if your name isn't SONY or BMG. If your name IS SONY or BMG, you simply need to deposit two iTunes songs on the machine, and you're held harmless.
Re:looks like it may be (Score:4, Insightful)
Woooooooosh.
Re:Oblig... (Score:5, Insightful)
The wonderful thing about tiggers
Is tiggers are wonderful things!
Their tops are made out of rubber
Their bottoms are made out of springs!
They're bouncy, trouncy, flouncy, pouncy
Fun, fun, fun, fun, fun!
But the most wonderful thing about tiggers is.....
I'm the only one
Re:Now what we really need... (Score:5, Insightful)
Such a malware product exists... it's called McAfee, and while it's not very good it does convince lots of people to pay money for it.
Re:Every time Obama opens his mouth... (Score:4, Insightful)
-OR-
Investors, having heard that Obama has the successful in his cross hairs and intends to seize the fruits of their labor and give it to the unsuccessful in the name of fairness, are panicking.
Don't you mean the fruits of other people's labor. Last time I checked investors don't actually produce anything.
Re:Here's the sum total of the knowledge gained... (Score:3, Insightful)
Can I get a better update host? (Score:3, Insightful)
Microsoft isn't exactly the most trustworthy when it comes to automatically installing anything they want on your computer, which is what you suggest. There doesn't seem to be a checkbox for "only fix security flaws" in Windows Update. I find I still have to sift through the options manually.
Re:sourcing the problem (Score:4, Insightful)
Yes yes, we've always known that it's harder to be good than evil. We've got thousand year old texts on the subject, we have pop sci-fi trilogies (ahem) on the subject. It's a known deal.
Me personally, I'd rather see a few thousands die than see our country go down the path of least resistance. I've been unfortunate enough to see both occur during the past decade.
Re:sourcing the problem (Score:3, Insightful)
The truth is something that only people of a certain moral flexibility are good at uncovering.
Err, again, no. The truth has little to do with moral flexibility and all to do with facts. The fact that you confuse the two makes me question whether you understand what truth actually is.
Finally, you're also sadly mistaken if you assume that what you do on a forum has no repercussions elsewhere. At the very least, what you say on it is a reflection of who you are, and how you will act outside of it. It's not a political act, it's a social statement.
You might be technically savvy, but your understanding of the rest of the world is seriously lacking. Your confidence in your knowledge will make it difficult for you to learn.
Use the farce (Score:1, Insightful)
Your lack of experience disturbs me.
4 years of programming? I think many of us reached 4 years before the age of 10.
"Caught 2 people on site who attempted to access information without authorization..." gee that means you firm didn't do a good job after the first person.
Classified, schmlassified. One could work with DEA or NSA, SAIC or LANL, and still be doing classified work. Let's be honest: that doesn't mean it's important. Everybody and his brother has had a TS/SI clearance, bucko. Don't embarrass the real professionals who don't go around trying to impress people on Slashdot.
AC