TeamWork

Banking Trojans

F-secure recently released a paper on Banking Trojans. The paper talks about various methods used by Trojans targeting online money transactions. It also talks about a tool called “Mstrings” which helps in identifying Banking Trojans.

The paper is available at F-secure's website.

Codename 1234 !!!

Recently a list of around 100 email ids and passwords were posted by a hacker on his website (Deranged).All these accounts belonged to various government organizations around the globe and contained classified information. Some passwords in the list were too simple that even a small kid could have broken into those accounts. Most Indian embassies had one of the easiest passwords somebody could think of (1234).Indian DRDO seems to be much better in choosing passwords ,They seems to have added 1 to their password and made it more secure !!!! (password+1).

Phishing in 30 Seconds

These days even Phishing software comes with video tutorials.
The following video demonstrates how to use a phishing software called Auto Phisher.

Auto Phisher Tutorial

Indian Website Defacements

Bank of India website got compromised yesterday and was used to host malware/exploits.
If you have visited the website recently and feels that your computer is showing strange behaviour after that, it is most likely that your system got compromised by some malware which was on the site.
Indian Computer Emergency Response Team (CERT-IN) have some interesting info about the Indian sites which were defaced last year.

“
In the year 2006 a total no. of 5211 Indian websites were defaced , on an average of about 14 websites per day.
“
The Bank website has been cleaned up by their staff and is considered safe to access now.

An analysis of the defacement is available at Mcafee AvertLabs blog at
http://www.avertlabs.com/research/blog/index.php/2007/08/31/compromised-bank-of-india-website/