Isn't it better to encrypt account data and send to a maillist or ng ?
Virus Steals Bank Passwords
The FBI is looking into an Internet password-stealing scam that may have
forwarded stolen online banking codes to free email accounts run by U.S.
companies, according to security experts involved in the investigation.
A new variant of the infamous "I Love You" virus struck banks in Europe
and the United States yesterday, potentially exposing some
online-banking customers' accounts.
For now, the variant, "VBS/LoveLetter.bd," is only a threat to United
Bank of Switzerland (UBS) customers, although the virus's existence
could result in copycat versions attacking other financial institutions.
That could pose a serious threat not only to banks but to consumers as
well, according to security experts.
The variant of the I Love You virus, also known as the "Love Letter" or
"Love" bug, affects people using Microsoft's Outlook email client. Like
the original virus, it sends copies of itself to all of the addressees
in a victim's email address book. In addition, the bug downloads a
password-stealing program, "hcheck.exe," that lifts USB PIN numbers and
sends them to three email addresses: [EMAIL PROTECTED],
[EMAIL PROTECTED] and [EMAIL PROTECTED]
National Infrastructure Protection Center (NIPC) spokeswoman Debbie
Weirerman confirmed the FBI is investigating where the virus sent the
PIN numbers.
Network Associates' Antivirus Emergency Response Team (AVERT) also said
it is working with the FBI. Sal Viveros, an AVERT director, said the
three email addresses connected with the password threats have been shut
down. But he said investigators are still searching for one or more Web
servers that may also have been used to receive the stolen passwords.
"We believe the email addresses have been shut down, and we're awaiting
to hear word the servers have been shut down," he said.
Network Associates, as well as Symantec and other antivirus-software
makers, had rated the virus only a medium threat because it targeted a
single financial institution. Network Associates plans to downgrade the
threat to low after the FBI shuts down the Web server used in the
attack.
The virus appears to have first affected UBS's European operations;
Network Associates acknowledged 15 attacks, mostly in Germany. In a
release today, the bank said that only "a small proportion of UBS
e-banking customers are at risk," and "there are no reports of damage as
of yet."
The threat was greatest to customers using UBS's online-banking
software. "The virus attempts to steal scratch list numbers from the UBS
PIN module," the bank warned in its release. The bank recommended that
customers opening the Love variant block their "e-banking authorization
immediately by entering an incorrect password three times."
The original Love virus struck in May, crippling email systems
worldwide, stealing passwords, and overwriting picture files essential
to some publishers and Web sites.
NIPC, which is charged with protecting the security of the nation's
computing infrastructure, has been issuing warning updates on the new
variant throughout the day. Law-enforcement officials are taking the
virus seriously, as it attacks financial institutions and steals
passwords.
