Banking Trojan steals money from under your nose

[hey_moe]

More problems with on line banking>> http://news.cnet.com/8301-27080_3-10...dStoriesArea.1

[stansdds]

Good reason to avoid the convenience of online banking.

[Cratermaker]

Two things about this story I don't get and it would have been nice if they had been more clear:

1) I can't transfer funds from my bank anywhere else, even if I wanted to. There are places that always want to "help" me by setting up automatic payments from my bank, but I always refuse. How is this German bank exploited exactly? I'm guessing that they have a more "advanced" banking system that let's you transfer funds anywhere for payment.

2) The article goes out of it's way to NOT mention any browser or operating system, or ones that are immune for that matter. They never say it is a problem with ALL browsers and operating systems, so it makes me think their is one they are trying to avoid upsetting.

[Zommoz]

Perhaps the article was edited since your post but the third paragraph reads

"It exploits a hole in Firefox, Internet Explorer 6, IE7, IE8, and Opera, and it is different from previously reported banking Trojans, said Ben-Itzhak. The Trojan runs an executable only on Windows systems, he said. The executable can come via a number of avenues, including a malicious JavaScript or Adobe PDF, he added."

[Cratermaker]

HA! They did edit it. Copies of the original with that paragraph omitted can be found various places, including here:

http://news.zdnet.co.uk/security/0,1...9780153,00.htm

(at least until they edit it too)

Affects windows systems. I thought that might be the case.

[Bjoern]

I just wonder how that thing is getting past the TAN activation for every transaction?

Then again, all I ever see on my account's balance is a "-" and a red number anyways, so happy stealing Trojans.