Home : Security : News

Criminals using real-time hacks to target businesses

Real-time services like Twitter have transformed the web, but criminals are using the same techniques to get past security roadblocks.

By Asavin Wattanajantra, 21 Aug 2009 at 11:53

gallery

A malware researcher has warned about hackers using the ‘real-time web’ to target the web pages of businesses like banks and other financial institutions.

Joe Stewart, director of malware research for SecureWorks, spoke to the New York Times about a Trojan called ‘Clampi’, which used real-time techniques to attack people who could access corporate bank accounts with particularly big balances.

After the trojan was planted in machines it sent a real-time stream of the user’s actions using modified instant messaging software. The hacker could then log in to a user’s bank account.

If the bank account was using a one-time temporary password, the hacker could also copy this if it was used. These funds would then be transferred to wherever they needed to go.

Stewart said to the New York Times: “What everybody thought was a very secure identification method, these guys found a low-tech means to get around it."

“They don’t break the encryption, they just log in at the same time you do,” he added.

Email to a friend

Print this page

< Previous Security : News Next >

Be the first to comment on this article

You need to Login or Register to comment.

Latest Security Analysis & Insight

What is your password worth?

Would you be tempted to sell off company passwords for a fee? If not, seems like you're in the minority, acccording to research.

More Security Analysis & Insight

Latest Security Reviews

Check Point 2210 Appliance review

Rating:

Check Point's new 2200 Appliances combined enterprise level network security with an SMB price tag. Its software blades provide a wealth of features, but do they complicate deployment? Read this exclusive review to find out.

More Security Reviews