Local banks scammed by PM scare

Trojan can track user locations

Commonwealth Bank and Westpac account holders have become victims of a phishing scam in which malicious code reveals the physical location of affected IP addresses using Google Maps.

The software installs a trojan capable of keylogging user activity and hijacking infected computers.

The scam was circulated as a false news report claiming the Prime Minister had suffered a heart attack. It installs a trojan and backdoor code to capture all user input, as well as compromising a Web server to allow the hacker to hijack the victims' computers.

The hacker is then provided with details on the number of infected machines in each country, while the Google Maps server is used to translate IP information to pinpoint the machines' physical location.

Websense Australia and New Zealand country manager Joel Camissar believes hackers could potentially use Google Maps to assist in identity theft.

"The hackers could correlate user information acquired from the keylogger with knowledge of where a user is located from Google Maps to masquerade as them," Camissar said.

"With this they could access bank accounts and social security numbers."

Camissar said there are around 750 infected desktops in Australia, which represents 30 percent of 2500 globally.

Westpac and the Commonwealth Bank were among those specifically targeted in Australia, while the Bank of America and Germany's Deutsche Bank were also attacked.

A Commonwealth Bank spokesperson confirmed the bank's Web site has not been laced with malicious code targeting bankers.

"The Commonwealth Bank can confirm that its Web site has not been infected with the Trojan linked to the phishing e-mail that claims the PM has suffered a heart attack," the spokesperson said.

Westpac was unavailable for comment.

Sophos senior technology consultant Graham Cluley said users are directed to a 404 error page which downloads the code.

"Recipients of the e-mail are encouraged to click on a link to obtain the latest information on Howard's health; however, this link takes users to a Web page which downloads malicious code to their PC, and then displays the real '404 page not found' error page," Cluley said.

"The scammers have registered several domain names that appear to be associated with a newspaper, and have gone to great effort to make people think that they really are visiting the genuine site by pointing to a real error page."

"Everyone should be on their guard against this kind of e-mail con-trick, or risk having their PC infected."

Camissar was unsure whether Websense acquired the information through sample code provided by AusCERT or by accessing the hackers' servers.

Darren Pauli

Computerworld
