Bank scam targets 100,000 people in the UK

[DorsetBoy]

http://www.bbc.co.uk/news/technology-10865568

A network of thousands of compromised computers that is being used to harvest online banking details has been uncovered in the UK.

The so-called botnet is made up of around 100,000 machines, according to researchers in Israel.

Cyber criminals in Eastern Europe, who have control of the machines, are collecting personal data from the PCs.

This includes login details for online banks, credit and debit card numbers and other passwords.

"The fraudsters are very familiar with UK banking system," said Amit Klein, chief technology officer at Trusteer, the firm which uncovered the network. ......... (more)

[Rik]

And people wonder why I bar access to Eastern European ISPs.

[tehidyman]

Quote "The 100,000 Windows machines have been infected with a trojan known as Zeus"

Any thoughts on detection or elimination of this trojan?

[Rik]

Hopefully, the AV companies will be on top of it quickly, if they are not already.

[Technical Ben]

This is, AFAIK old news... oh wait [Slips on a fedora hat]
*Thems banks been hunting these crooks for years. Those "Bot Nets" they tell me. Got the Governor on the case. They's got the banks real shook up, but I'is has them on the run!"

[sinks back into the Twenty first century]

[Rik]

But slowly so as to avoid any nasty shocks.

[pctech]

Hmmm, Both HSBC and RBS pretty much insist you install the Trusteer anti-keylogging software but the bad news is it only kicks in on certain sites from what I can gather.

[DarkStar]

Hmmm, Both HSBC and RBS pretty much insist you install the Trusteer anti-keylogging software but the bad news is it only kicks in on certain sites from what I can gather.

It has pre-sets for 60 trusteer partners which you cannot remove, you can then add more sites of your own choosing up to a maximum of 100. This includes any sites where you would be likely to carry out financial transactions such as Amazon or any other shopping site. If you wish to go over a hundred you need to get the paid version. A while ago the free version was restricted to just a couple of sites over the pre-sets.  Very easy to use and add sites you wish to secure as you go.
Their site and download here. It requires you to enter your e-mail to access the download page but I've never received an e-mail from them so I assume you could use a dud one  

http://www.trusteer.com/solutions/home-users/online-security

Probably a better option is to use Prevx SafeOnline, much more advanced and comprehensive than Trusteer. If you do not want to pay for the full version you can download the free Facebook version from here

http://www.prevx.com/safebook.asp?rkw=facebook&sessionid=523AD48F-65DC-4E46-AB47-C66D73FE36CC&tr=4367&pn=routes

PS: You do not need to be a facebook member to download or run this

[DarkStar]

Quote "The 100,000 Windows machines have been infected with a trojan known as Zeus"

Any thoughts on detection or elimination of this trojan?

Most AV *should* detect Zeus but modified and updated variants come out continuously so AV's very often do not have the latest signatures plus they can be very hard to detect and remove once on the computer. Prevx works by isolating the browser from the operating system on secure https sites, I believe Rapport works in much the same way. Zeus is only the tip of the iceberg, there are other much more lethal banking trojans out there, some virtually undetectable by an AV once they are on your system.

[Simon]

Thanks for that, Ian.   

[DarkStar]

NP Simon.
Actually it's probably not quite as bad as the security firms might have you believe. One of those reports linked to in the first post gives an infection figure of 1 in 3,000 which isn't really a lot. I think if people are careful and keep their computers patched up to date with a sensible security strategy they are pretty safe but a lot of the newer infections are now coming via drive by downloads and social engineering. The first is possibly bad luck, the second is usually stupidity.