View Single Post
  #1   (View Single Post)  
Old 22nd February 2011
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default ZeuS trojan attacks bank's 2-factor authentication

From http://www.theregister.co.uk/2011/02...cation_attack/

Quote:
A variant of the ZeuS banking trojan is targeting mobile phone users who rely on their handsets to get enhanced, two-factor authentication from ING Bank Slaski in Poland, a security blogger said on Monday.

The ZeuS man-in-the-mobile attacks appear to similar to those that hit Spain in September, researchers from antivirus provider F-Secure said. Both attacks attempt to steal so-called mTANs, short for mobile transaction authentication numbers, which an increasing number of European banks are using to provide enhanced authentication to online customers. Financial institutions send the one-time passwords in text messages. The secondary passcodes are needed to login to online accounts.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote