Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Webroot uncovers thousands of stolen identities
Macworld ^ | 05/10/2006 | Paul Roberts, IDG News Service

Posted on 05/10/2006 11:38:57 AM PDT by Panerai

Spyware researchers at Webroot Software have uncovered a stash of tens of thousands of stolen identities from 125 countries that they believe were collected by a new variant of a Trojan horse program the company is calling Trojan-Phisher-Rebery.

The FBI is investigating the stolen information, which was discovered on a password-protected FTP (File Transfer Protocol) server in the U.S. and is believed to be connected to a Trojan horse that is installed from the Web site teens7(dot)com. The information, organized by country, includes names, phone numbers, social security numbers, and user log-ins and passwords for tens of thousands of Web sites, according to information provided to InfoWorld by Webroot.

The discovery is just the latest evidence of rampant identity theft by online criminals who use malicious Web sites, common software vulnerabilities and keylogging software to harvest information from unsuspecting Web surfers.

The Trojan was discovered on April 25 by Dan Para, a member of Webroot’s Threat Research Team, who was investigating one of a number of malicious files installed using “drive by downloads” from the teens7(dot)com Web site. In drive by downloads, software vulnerabilities in Web browsers are exploited so that malicious software can be pushed down to the machine running the Web browser, usually without any warning to the computer’s owner.

The Rebery malicious software is an example of a “banking” Trojan, which are programmed to spring to life when computer owners visit one of a number of online banking or e-commerce sites, said Gerhard Eschelbeck, CTO at Webroot.

Webroot notified the FBI after it discovered the stolen information, which had been groomed and organized in folders by country where it was “ready to be sold,” Eschelbeck said. The stolen data was hosted on an FTP server hosted by nLayer Communications in New York, according to Webroot.

(Excerpt) Read more at macworld.com ...


TOPICS: Computers/Internet
KEYWORDS: ftp; identitytheft; internet; stolenidentiry; webroot; websecurity

1 posted on 05/10/2006 11:39:00 AM PDT by Panerai
[ Post Reply | Private Reply | View Replies]

To: Panerai

Hope they nail them.


2 posted on 05/10/2006 11:41:51 AM PDT by DannyTN
[ Post Reply | Private Reply | To 1 | View Replies]

To: Panerai

Neither McAfee or Norton will detect key logging software.


3 posted on 05/10/2006 11:41:59 AM PDT by Yo-Yo (USAF, TAC, 12th AF, 366 TFW, 366 MG, 366 CRS, Mtn Home AFB, 1978-81)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Yo-Yo

Yep. You need spyware detectors.


4 posted on 05/10/2006 11:43:25 AM PDT by b4its2late (If it's treason, there's no doubt a democrat is standing behind it.)
[ Post Reply | Private Reply | To 3 | View Replies]

To: Panerai
Kind of related:

May 10, 2006
JS-4249

Statement of Treasury Secretary John W. Snow
On Protecting Americans from Identity Theft

"Perhaps the most serious threat to financial consumers today is identity theft. Identity thieves are clever, adaptable, and heartless. Indeed, many identity thieves specifically target the most vulnerable members of society - families of the recently deceased, seniors, hospital patients, and men and women serving our nation overseas. The effects don't stop with a few unauthorized charges. A ruined credit history can be an unbearable burden that lasts for years. They are a threat to individual Americans and a threat to our progressive and open economy.

"President Bush recognized from the beginning the need for his Administration to act quickly to address this problem. Today, the President signed an executive order that creates the Nation's first ever Identity Theft Task Force. This task force will marshal the resources of the federal government to crack down on the criminals who traffic in stolen identities, and protect American families from this devastating crime.

"Treasury has been working hard to fulfill the President's call to action and protect Americans' financial assets. In just the past few months we have distributed approximately 200,000 free educational DVDs across the country to help Americans learn about identity theft, how they can protect themselves, and what they should do if they think someone is attacking their information.

"The Fair and Accurate Credit Act, signed by President Bush in 2003, has helped teach Americans how to protect their assets by giving them easier access to spot unauthorized activity on their credit information and by allowing businesses to move quickly to identify the criminals at work. President Bush's leadership on this issue has provided Americans the needed tools to keep informed and to protect their financial information. His efforts today remind us that no matter where or when, we must remain constantly alert and work together to prevent this crime from ruining more lives."

For more information check out Treasury's Identity Theft Resource page at: http://www.treas.gov/offices/domestic-finance/financial-institution/cip/identity-theft.shtml

5 posted on 05/10/2006 11:45:47 AM PDT by b4its2late (If it's treason, there's no doubt a democrat is standing behind it.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Panerai

6 posted on 05/10/2006 11:46:27 AM PDT by Fighting Irish
[ Post Reply | Private Reply | To 1 | View Replies]

To: Panerai
Why not start with eliminating the SSN. That is the LARGEST security breach imposed on a society that could have ever been devised.

But, like always our so-called government won't recognize it as a "problem" because, well, they created it and don't want to take responsibility for ANY failures/problems they create.

7 posted on 05/10/2006 11:51:12 AM PDT by unixfox (The 13th Amendment Abolished Slavery, The 16th Amendment Reinstated It !)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Yo-Yo
Neither McAfee or Norton will detect key logging software.

For those looking for protection against this type of thing, I recommend WinPatrol and Spybot Search & Destroys' resident TeaTimer (both FREE).

8 posted on 05/10/2006 11:55:32 AM PDT by holymoly (Dick DeVos for MI Governor: http://www.devosforgovernor.com/)
[ Post Reply | Private Reply | To 3 | View Replies]

To: holymoly
Regarding a minor glitch in Spybot 1.4 TeaTimer:

Solution to fix the pop-ups in TeaTimer

9 posted on 05/10/2006 12:00:40 PM PDT by holymoly (Dick DeVos for MI Governor: http://www.devosforgovernor.com/)
[ Post Reply | Private Reply | To 8 | View Replies]

To: rdb3; chance33_98; Calvinist_Dark_Lord; Bush2000; PenguinWry; GodGunsandGuts; CyberCowboy777; ...

10 posted on 05/10/2006 1:02:17 PM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]

To: rzeznikj at stout

mark for later reference


11 posted on 05/10/2006 2:25:32 PM PDT by rzeznikj at stout (This Space For Rent. Call 555-1212 for more info.)
[ Post Reply | Private Reply | To 10 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson