FBI Investigates 'BugBear.B' Computer Virus Targeting Banks, AP Reports
Bloomberg News | June 10, 2003 | Associated Press

Posted on 06/10/2003 9:29:27 AM PDT by Ernest_at_the_Beach

Edited on 07/19/2004 2:11:27 PM PDT by Jim Robinson.

June 10 (Bloomberg) -- The Federal Bureau of Investigation is looking into a virus-like infection that has targeted the computers of banks worldwide, and officials warned financial institutions about the attack, the Associated Press reported.

Computers of about 1,200 banks have been targeted by the virus, which tries to steal corporate passwords, AP said. The infection is known as "BugBear.B" and has spread to tens of thousands of consumer computers since last week.


(Excerpt) Read more at quote.bloomberg.com ...


TOPICS: Breaking News; Business/Economy; Crime/Corruption; News/Current Events; Technical
KEYWORDS: computervirus; techindex
Check your bank accounts.
1 posted on 06/10/2003 9:29:27 AM PDT by Ernest_at_the_Beach
[ Post Reply | Private Reply | View Replies]

To: Ernest_at_the_Beach; Texaggie79; Willie Green
Probably some pissed off IT worker who worked for a bank and whose job went to India.
2 posted on 06/10/2003 9:30:17 AM PDT by BrooklynGOP
[ Post Reply | Private Reply | To 1 | View Replies]

To: *tech_index; Dog Gone; Grampa Dave; blam; Sabertooth; NormsRevenge; Gritty; SierraWasp; ...
The Mafia or Al-Qaeda?

OFFICIAL BUMP(TOPIC)LIST

3 posted on 06/10/2003 9:31:12 AM PDT by Ernest_at_the_Beach (Recall Gray Davis and then start on the other Democrats)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Ernest_at_the_Beach; Ramius
I actually received this one! PC-cillin had updated me the day before.
4 posted on 06/10/2003 9:39:44 AM PDT by HairOfTheDog (Not all those who wander are lost)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Ernest_at_the_Beach
Sir, I sent in my payments on that loan. It must be a malfunction on YOUR side.....
5 posted on 06/10/2003 9:40:06 AM PDT by Texaggie79 (Pimps up, hoes down!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: HairOfTheDog
Yeah, my antivirus servers have seen maybe forty hits so far in the last few days. This is one of the more prolific ones lately.

No infections, though. :-) We're pretty well protected.
6 posted on 06/10/2003 9:53:38 AM PDT by Ramius
[ Post Reply | Private Reply | To 4 | View Replies]

To: Ernest_at_the_Beach
Some @sshole sent this to me yesterday on my Yahoo email, it was something about online web tools. Before I uploaded it, I ran it through Norton Anti Virus and sure enough it was the BugBear B virus listed as infected mail.
7 posted on 06/10/2003 9:54:11 AM PDT by HELLRAISER II
[ Post Reply | Private Reply | To 1 | View Replies]

To: Ernest_at_the_Beach; Ramius
The Mafia or Al-Qaeda?

Ummm.... option D?

8 posted on 06/10/2003 10:01:04 AM PDT by HairOfTheDog (Not all those who wander are lost)
[ Post Reply | Private Reply | To 3 | View Replies]

To: Ernest_at_the_Beach
If you used MD5 digital signatures to represent your passwords, this wouldn't be a problem. There is no way anybody could possibly steal any passwords from any of the systems I have written in the past 5 years (or at least it would be so difficult that it becomes unpractical).
9 posted on 06/10/2003 10:01:29 AM PDT by FoxPro
[ Post Reply | Private Reply | To 1 | View Replies]

To: FoxPro
There's all kinds of ways around password-based access control mechanisms.

Encryption is not a panacea.
10 posted on 06/10/2003 10:20:12 AM PDT by adam_az
[ Post Reply | Private Reply | To 9 | View Replies]

To: Ernest_at_the_Beach
AVG Antivirus - http://www.grisoft.com/html/us_index.htm

There's a freeware version; it updates weekly (more often if necessary), and it works with your e-mail as well.

Check your system. I've already had someone try to infect me with Bugbear once this week so far...
11 posted on 06/10/2003 10:23:00 AM PDT by mhking
[ Post Reply | Private Reply | To 1 | View Replies]

To: adam_az
Especially after reading Kevin Mitnick's book (The Art of Deception). Technical hacks aren't where the threat is, it's social engineering.

The fastest way to hack any system is to just start calling users and ask them for their password. Most people are smart enough to know better, but it only takes one, and somebody will inevitably comply.
12 posted on 06/10/2003 10:26:01 AM PDT by Ramius
[ Post Reply | Private Reply | To 10 | View Replies]

To: Ramius
No, there's plenty of ways to technically attack a system that can leave less evidence than social engineering methods.

Still, any system is only as secure as its weakest link - and you can be sure an attacker will expand their definition of "system" to be as inclusive as possible, to find the largest possible number of entry points.

Information security isn't a product, you can't buy it off the shelf.
13 posted on 06/10/2003 10:31:43 AM PDT by adam_az
[ Post Reply | Private Reply | To 12 | View Replies]

To: mhking
I have Norton, so I feel that I should be ok.

It caught the Kuzmeil on some email last night, so that one is still roaming around!
14 posted on 06/10/2003 10:38:37 AM PDT by Ernest_at_the_Beach (Recall Gray Davis and then start on the other Democrats)
[ Post Reply | Private Reply | To 11 | View Replies]

To: adam_az
I completely agree. There are many who think that all they have to do is slam a PIX in the rack and they're done. That's just the quick and easy part.

I would still submit, though, and perhaps you are saying this too-- that security is an attitude and a process, not a product.

The unaddressed weakness in many systems is the user base itself. It's also the hardest to fix. People are vulnerable and it's not like there is a "patch" that you can promulgate to fix them. Writing policies is easy. Getting people to actually follow them is not so easy. Somehow you have to get them to care as much about security as you do, and they're normally not disposed to do that.
15 posted on 06/10/2003 10:41:46 AM PDT by Ramius
[ Post Reply | Private Reply | To 13 | View Replies]

To: adam_az
It would be virtually impossible to deduce a password from an MD5 hash. "sEcREtPassWoRd" = "c2a2e4cb6f882db83457865450929038", but how would anybody figure that out?
16 posted on 06/10/2003 12:58:49 PM PDT by FoxPro
[ Post Reply | Private Reply | To 10 | View Replies]

To: FoxPro
You aren't describing an authentication mechanism, you are only telling how a password is stored. That's not a system, it's a component of a system.

How is the password cached on the client? Is it kept in memory? How is it sent over the wire? What does it authenticate against, a database? What's the network topology like? What other user IDs have access to the database tables? How about the web server? How about the application? Even if the password mechanism is relatively strong, once logged in, is there a way using anomalous flow to trick the code into showing data for or changing data for another user?

My point is there are a lot of ways besides cracking a password to get to places you shouldn't be, and crypto isn't a magic powder you sprinkle on your application to make it "Secure".
17 posted on 06/10/2003 1:04:27 PM PDT by adam_az
[ Post Reply | Private Reply | To 16 | View Replies]

To: Ramius
Especially after reading Kevin Mitnick's book (The Art of Deception). Technical hacks aren't where the threat is, it's social engineering.

I’m not sure I’ve read that one. I’ve read others though. Among Mitnick’s many problems was breaking and entering, trespass, burglary, etc. - not just theft of services, unauthorized access, or calling employees at random to milk them for info.

It was reported and supposedly verified that he did break into the telco offices in San Ramon. Hayward too, IIRC. I can’t remember if it was Mitnick that wrote (or talked) about it or if it was one of his old sidekicks.

It’s picky, I know, but he wasn’t some 13 year old phone-phreak trying to con the operator out of the number for the test board – he was an actual criminal that physically breaks in and steals things. (Among a variety of other things.)

He also, at some point, gained physical access to telco consoles which sort of brings up a whole different range of issues… but really, just trying to point out that he wasn’t Mr. Sophisticated engaged in an elaborate “social engineering” scam – he was literally walking down halls and into offices and rummaging through desks.

18 posted on 06/10/2003 1:48:55 PM PDT by thatsnotnice
[ Post Reply | Private Reply | To 12 | View Replies]

To: thatsnotnice
Yes, he did all those things, but that's not the point.

He also got into many systems merely by calling them and asking someone for their username and password. Works like a charm, and no "system" can defeat it.
19 posted on 06/10/2003 2:16:44 PM PDT by Ramius
[ Post Reply | Private Reply | To 18 | View Replies]

To: thatsnotnice
He also, at some point, gained physical access to telco consoles which sort of brings up a whole different range of issues… but really, just trying to point out that he wasn’t Mr. Sophisticated engaged in an elaborate “social engineering” scam – he was literally walking down halls and into offices and rummaging through desks.

Well, that's sort of part of the social engineering thing too - the whole bit of gaining physical access where you're not supposed to. You have to fool people.

Came across the control program for AXE exchanges in a place it wasn't supposed to be once. Upon dissecting that copy, the identity of the tech who owned it was revealed. And yes, he had been "had" ;).

20 posted on 06/10/2003 2:38:23 PM PDT by Cachelot (~ In waters near you ~)
[ Post Reply | Private Reply | To 18 | View Replies]

