22nd February 2011
|
Administrator
|
|
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,159
|
|
ZeuS trojan attacks bank's 2-factor authentication
From http://www.theregister.co.uk/2011/02...cation_attack/
Quote:
A variant of the ZeuS banking trojan is targeting mobile phone users who rely on their handsets to get enhanced, two-factor authentication from ING Bank Slaski in Poland, a security blogger said on Monday.
The ZeuS man-in-the-mobile attacks appear to similar to those that hit Spain in September, researchers from antivirus provider F-Secure said. Both attacks attempt to steal so-called mTANs, short for mobile transaction authentication numbers, which an increasing number of European banks are using to provide enhanced authentication to online customers. Financial institutions send the one-time passwords in text messages. The secondary passcodes are needed to login to online accounts.
|
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|