Posted on 05/10/2006 11:38:57 AM PDT by Panerai
Spyware researchers at Webroot Software have uncovered a stash of tens of thousands of stolen identities from 125 countries that they believe were collected by a new variant of a Trojan horse program the company is calling Trojan-Phisher-Rebery.
The FBI is investigating the stolen information, which was discovered on a password-protected FTP (File Transfer Protocol) server in the U.S. and is believed to be connected to a Trojan horse that is installed from the Web site teens7(dot)com. The information, organized by country, includes names, phone numbers, social security numbers, and user log-ins and passwords for tens of thousands of Web sites, according to information provided to InfoWorld by Webroot.
The discovery is just the latest evidence of rampant identity theft by online criminals who use malicious Web sites, common software vulnerabilities and keylogging software to harvest information from unsuspecting Web surfers.
The Trojan was discovered on April 25 by Dan Para, a member of Webroot’s Threat Research Team, who was investigating one of a number of malicious files installed using “drive by downloads” from the teens7(dot)com Web site. In drive by downloads, software vulnerabilities in Web browsers are exploited so that malicious software can be pushed down to the machine running the Web browser, usually without any warning to the computer’s owner.
The Rebery malicious software is an example of a “banking” Trojan, which are programmed to spring to life when computer owners visit one of a number of online banking or e-commerce sites, said Gerhard Eschelbeck, CTO at Webroot.
Webroot notified the FBI after it discovered the stolen information, which had been groomed and organized in folders by country where it was “ready to be sold,” Eschelbeck said. The stolen data was hosted on an FTP server hosted by nLayer Communications in New York, according to Webroot.
(Excerpt) Read more at macworld.com ...
Hope they nail them.
Neither McAfee or Norton will detect key logging software.
Yep. You need spyware detectors.
May 10, 2006
JS-4249
Statement of Treasury Secretary John W. Snow
On Protecting Americans from Identity Theft
"Perhaps the most serious threat to financial consumers today is identity theft. Identity thieves are clever, adaptable, and heartless. Indeed, many identity thieves specifically target the most vulnerable members of society - families of the recently deceased, seniors, hospital patients, and men and women serving our nation overseas. The effects don't stop with a few unauthorized charges. A ruined credit history can be an unbearable burden that lasts for years. They are a threat to individual Americans and a threat to our progressive and open economy.
"President Bush recognized from the beginning the need for his Administration to act quickly to address this problem. Today, the President signed an executive order that creates the Nation's first ever Identity Theft Task Force. This task force will marshal the resources of the federal government to crack down on the criminals who traffic in stolen identities, and protect American families from this devastating crime.
"Treasury has been working hard to fulfill the President's call to action and protect Americans' financial assets. In just the past few months we have distributed approximately 200,000 free educational DVDs across the country to help Americans learn about identity theft, how they can protect themselves, and what they should do if they think someone is attacking their information.
"The Fair and Accurate Credit Act, signed by President Bush in 2003, has helped teach Americans how to protect their assets by giving them easier access to spot unauthorized activity on their credit information and by allowing businesses to move quickly to identify the criminals at work. President Bush's leadership on this issue has provided Americans the needed tools to keep informed and to protect their financial information. His efforts today remind us that no matter where or when, we must remain constantly alert and work together to prevent this crime from ruining more lives."
For more information check out Treasury's Identity Theft Resource page at: http://www.treas.gov/offices/domestic-finance/financial-institution/cip/identity-theft.shtml
But, like always our so-called government won't recognize it as a "problem" because, well, they created it and don't want to take responsibility for ANY failures/problems they create.
For those looking for protection against this type of thing, I recommend WinPatrol and Spybot Search & Destroys' resident TeaTimer (both FREE).
mark for later reference
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.