Patched Flaw Used in Major Attack

 
 
Tony
 
      02-23-2007

"Au79" <(E-Mail Removed)> wrote in message
news:V0uDh.322351$(E-Mail Removed)...
> Mass-pharming attack targeting 50 banks is shut down
>
> By Frank Washkuch Jr. Feb 22 2007 16:10
>


Not much point in posting that info here, you're far too late! Wrong group
anyway.


 
Au79
 
      02-23-2007
Mass-pharming attack targeting 50 banks is shut down

By Frank Washkuch Jr. Feb 22 2007 16:10

Fifty financial institutions in the United States, Europe and the
Asia-Pacific region were hit with a well crafted pharming attack this week.

In preparation for the attacks, hackers created mock pharming websites for
each financial institution they targeted, according to press reports from
the IDG News Service.

Researchers from Websense told the wire service that attackers lured victims
to a website hosting malicious code that exploited a patched Microsoft
vulnerability.

Microsoft patched the flaw last May. The vulnerability requires a user to
only visit a website to have his or her PC infected by malware.

In this attack, the malicious website would download a trojan known as
ieexplorer.exe, which downloads more malware from Russia. The websites then
display an error message asking users to shut off firewalls and anti-virus
software, according to the reports.

Victimized users are then redirected to the malicious pharming websites that
appear similar to legitimate financial websites. Attackers can use the
collected personal information for identity fraud, or sell the details to
other criminals.

Dan Hubbard, vice president of security research at Websense, told
SCMagazine.com today that the attacks were well researched and designed.

"They are very well planned and thought out. Resilient infrastructures,
sophisticated malcode and very good back-end control and statistic," he
said. "The use of malicious code is growing very fast. This is being used
more and more and we believe it will rise in both frequency and
sophistication. The attack success percentages are higher also."

ISPs have shut down websites hosting the malicious code in Germany, Estonia
and the United Kingdom. The attack also installs a bot on infected PCs,
according to the report.

http://scmagazine.com/us/news/articl...gets-50-banks/

--
....................
http://www.vanwensveen.nl/rants/microsoft/IhateMS.html
http://rixstep.com/1/20040719,00.shtml
http://free.thelinuxstore.ca/
 
Fuzzy Logic
 
      02-23-2007
Au79 <(E-Mail Removed)> wrote in news:V0uDh.322351$(E-Mail Removed):

> Mass-pharming attack targeting 50 banks is shut down
>
> By Frank Washkuch Jr. Feb 22 2007 16:10
>
> Fifty financial institutions in the United States, Europe and the
> Asia-Pacific region were hit with a well crafted pharming attack this
> week.
>
> In preparation for the attacks, hackers created mock pharming websites
> for each financial institution they targeted, according to press reports
> from the IDG News Service.
>
> Researchers from Websense told the wire service that attackers lured
> victims to a website hosting malicious code that exploited a patched
> Microsoft vulnerability.
>
> Microsoft patched the flaw last May. The vulnerability requires a user
> to only visit a website to have his or her PC infected by malware.


Once again showing the importance of properly maintaining your system.

If my car has a safety recall and I ignore it and then fall victim to the issue it's NOT the manufacturer's fault.

> In this attack, the malicious website would download a trojan known as
> ieexplorer.exe, which downloads more malware from Russia. The websites
> then display an error message asking users to shut off firewalls and
> anti-virus software, according to the reports.
>
> Victimized users are then redirected to the malicious pharming websites
> that appear similar to legitimate financial websites. Attackers can use
> the collected personal information for identity fraud, or sell the
> details to other criminals.
>
> Dan Hubbard, vice president of security research at Websense, told
> SCMagazine.com today that the attacks were well researched and designed.
>
> "They are very well planned and thought out. Resilient infrastructures,
> sophisticated malcode and very good back-end control and statistic," he
> said. "The use of malicious code is growing very fast. This is being
> used more and more and we believe it will rise in both frequency and
> sophistication. The attack success percentages are higher also."
>
> ISPs have shut down websites hosting the malicious code in Germany,
> Estonia and the United Kingdom. The attack also installs a bot on
> infected PCs, according to the report.
>
> http://scmagazine.com/us/news/articl...attack-targets
> -50-banks/
>


 
Au79
 
      02-24-2007
Fuzzy Logic wrote:

> Au79 <(E-Mail Removed)> wrote in news:V0uDh.322351$(E-Mail Removed):
>
>> <snipped>
>>
>> Microsoft patched the flaw last May. The vulnerability requires a user
>> to only visit a website to have his or her PC infected by malware.

>
> Once again showing the importance of properly maintaining your system.
>
> If my car has a safety recall and I ignore it and then fall victim to the
> issue it's NOT the manufacturer's fault.
>


Windos is a car that gets recalled often. I wonder if users just get sick of
dealing with it to the point where it's just easier to ignore all the
warnings.


--
....................
http://www.vanwensveen.nl/rants/microsoft/IhateMS.html
http://rixstep.com/1/20040719,00.shtml
http://free.thelinuxstore.ca/
 
Fuzzy Logic
 
      02-27-2007
Au79 <(E-Mail Removed)> wrote in news:ZERDh.14594$(E-Mail Removed):

> Fuzzy Logic wrote:
>
>> Au79 <(E-Mail Removed)> wrote in news:V0uDh.322351$(E-Mail Removed):
>>
>>> <snipped>
>>>
>>> Microsoft patched the flaw last May. The vulnerability requires a user
>>> to only visit a website to have his or her PC infected by malware.

>>
>> Once again showing the importance of properly maintaining your system.
>>
>> If my car has a safety recall and I ignore it and then fall victim to
>> the issue it's NOT the manufacturer's fault.
>>

>
> Windos is a car that gets recalled often. I wonder if users just get
> sick of dealing with it to the point where it's just easier to ignore
> all the warnings.


All major OS's get frequent 'recalls'. For example I know of 4 patches this month for SuSE alone:

http://www.linuxsecurity.com/content...tegory/100/112
 
Fuzzy Logic
 
      03-01-2007
Au79 <(E-Mail Removed)> wrote in news:b8pFh.26051$(E-Mail Removed):

> Fuzzy Logic wrote:
>
>> Au79 <(E-Mail Removed)> wrote in news:ZERDh.14594$(E-Mail Removed):
>>
>>> Fuzzy Logic wrote:
>>>
>>>> Au79 <(E-Mail Removed)> wrote in news:V0uDh.322351$(E-Mail Removed):
>>>>
>>>>> <snipped>
>>>>>
>>>>> Microsoft patched the flaw last May. The vulnerability requires a user
>>>>> to only visit a website to have his or her PC infected by malware.
>>>>
>>>> Once again showing the importance of properly maintaining your system.
>>>>
>>>> If my car has a safety recall and I ignore it and then fall victim to
>>>> the issue it's NOT the manufacturer's fault.
>>>>
>>>
>>> Windos is a car that gets recalled often. I wonder if users just get
>>> sick of dealing with it to the point where it's just easier to ignore
>>> all the warnings.

>>
>> All major OS's get frequent 'recalls'.

>
> The key word here is 'frequent'. windos is the king of 'frequent' recalls.
>
>> For example I know of 4 patches
>> this month for SuSE alone:
>>
>> http://www.linuxsecurity.com/content...tegory/100/112

>
> I haven't heard of SuSE providing a patch for a patch, or have "Patch
> Tuesdays" with up to twelve critical holes that never seem to go away.


I supplied this example in another post to you. In case you missed it.

Here are two patches for the SuSE Kernel released within 3 months of each other:

http://www.linuxsecurity.com/content/view/127226/170/
http://www.linuxsecurity.com/content/view/126321/170/

There are many good reasons for "Patch Tuesday":

http://en.wikipedia.org/wiki/Patch_Tuesday

Also of the 12 most recent Windows updates close to half were Office related. If you are including non-OS
patches there were 15 security updates for SuSE in January:

http://www.linuxsecurity.com/content...egory/100/112/
 
Au79
 
      03-02-2007
Fuzzy Logic wrote:

> Au79 <(E-Mail Removed)> wrote in news:b8pFh.26051$(E-Mail Removed):
>
>> Fuzzy Logic wrote:
>>
>>> Au79 <(E-Mail Removed)> wrote in news:ZERDh.14594$(E-Mail Removed):
>>>
>>>> Fuzzy Logic wrote:
>>>>
>>>>> Au79 <(E-Mail Removed)> wrote in news:V0uDh.322351$(E-Mail Removed):
>>>>>
>>>>>> <snipped>
>>>>>>
>>>>>> Microsoft patched the flaw last May. The vulnerability requires a
>>>>>> user to only visit a website to have his or her PC infected by
>>>>>> malware.
>>>>>
>>>>> Once again showing the importance of properly maintaining your system.
>>>>>
>>>>> If my car has a safety recall and I ignore it and then fall victim to
>>>>> the issue it's NOT the manufacturer's fault.
>>>>>
>>>>
>>>> Windos is a car that gets recalled often. I wonder if users just get
>>>> sick of dealing with it to the point where it's just easier to ignore
>>>> all the warnings.
>>>
>>> All major OS's get frequent 'recalls'.

>>
>> The key word here is 'frequent'. windos is the king of 'frequent'
>> recalls.
>>
>>> For example I know of 4 patches
>>> this month for SuSE alone:
>>>
>>> http://www.linuxsecurity.com/content...tegory/100/112

>>
>> I haven't heard of SuSE providing a patch for a patch, or have "Patch
>> Tuesdays" with up to twelve critical holes that never seem to go away.

>
> I supplied this example in another post to you. In case you missed it.
>
> Here are two patches for the SuSE Kernel released within 3 months of each
> other:
>
> http://www.linuxsecurity.com/content/view/127226/170/
> http://www.linuxsecurity.com/content/view/126321/170/
>
> There are many good reasons for "Patch Tuesday":
>
> http://en.wikipedia.org/wiki/Patch_Tuesday
>
> Also of the 12 most recent Windows updates close to half were Office
> related. If you are including non-OS patches there were 15 security
> updates for SuSE in January:
>
> http://www.linuxsecurity.com/content...egory/100/112/


...and yet, Linux is clearly far more secure than windos.

--
....................
http://www.vanwensveen.nl/rants/microsoft/IhateMS.html
http://rixstep.com/1/20040719,00.shtml
http://free.thelinuxstore.ca/
 
Fuzzy Logic
 
      03-02-2007
Au79 <(E-Mail Removed)> wrote in news:SwNFh.233606$(E-Mail Removed):

> Fuzzy Logic wrote:
>
>> Au79 <(E-Mail Removed)> wrote in news:b8pFh.26051$(E-Mail Removed):
>>
>>> Fuzzy Logic wrote:
>>>
>>>> Au79 <(E-Mail Removed)> wrote in news:ZERDh.14594$(E-Mail Removed):
>>>>
>>>>> Fuzzy Logic wrote:
>>>>>
>>>>>> Au79 <(E-Mail Removed)> wrote in news:V0uDh.322351$(E-Mail Removed):
>>>>>>
>>>>>>> <snipped>
>>>>>>>
>>>>>>> Microsoft patched the flaw last May. The vulnerability requires a
>>>>>>> user to only visit a website to have his or her PC infected by
>>>>>>> malware.
>>>>>>
>>>>>> Once again showing the importance of properly maintaining your system.
>>>>>>
>>>>>> If my car has a safety recall and I ignore it and then fall victim to
>>>>>> the issue it's NOT the manufacturer's fault.
>>>>>>
>>>>>
>>>>> Windos is a car that gets recalled often. I wonder if users just get
>>>>> sick of dealing with it to the point where it's just easier to ignore
>>>>> all the warnings.
>>>>
>>>> All major OS's get frequent 'recalls'.
>>>
>>> The key word here is 'frequent'. windos is the king of 'frequent'
>>> recalls.
>>>
>>>> For example I know of 4 patches
>>>> this month for SuSE alone:
>>>>
>>>> http://www.linuxsecurity.com/content...tegory/100/112
>>>
>>> I haven't heard of SuSE providing a patch for a patch, or have "Patch
>>> Tuesdays" with up to twelve critical holes that never seem to go away.

>>
>> I supplied this example in another post to you. In case you missed it.
>>
>> Here are two patches for the SuSE Kernel released within 3 months of each
>> other:
>>
>> http://www.linuxsecurity.com/content/view/127226/170/
>> http://www.linuxsecurity.com/content/view/126321/170/
>>
>> There are many good reasons for "Patch Tuesday":
>>
>> http://en.wikipedia.org/wiki/Patch_Tuesday
>>
>> Also of the 12 most recent Windows updates close to half were Office
>> related. If you are including non-OS patches there were 15 security
>> updates for SuSE in January:
>>
>> http://www.linuxsecurity.com/content...egory/100/112/

>
> ...and yet, Linux is clearly far more secure than windos.


You appear to be looking through rose coloured glasses. I continue to refute your arguments and yet you
persist.

You have stated in previous posts that an unpatched *nix box is still more secure than a fully patched
Windows box. I really have to question your reasoning. For example if you are running Sun Solaris and you
haven't installed the appropriate patch you will shortly be a victim of a telnet worm and your system seriously
compromised:

http://www.us-cert.gov/cas/techalerts/TA07-059A.html

You probably don't need to worry about this as you run SuSE and also believe there is no malicious software
for *nix. I even offered you a "free sample" but you denied such a thing even existed. Keep your head in the
sand and ignore the signs that as *nix gets more common it's also going to become a more popular target for
exploitation. Invariably these attacks will take advantage of well documented flaws that have already been
patched similar to attacks on Windows systems. Most Windows attacks involve an already patched exploit or
an attack requiring user intervention (opening an unsolicited attachment or running questionable programs that
the user is enticed to do via social engineering).

So again I will state your overall system security has more to do with how well it's maintained and used than
your actual OS. If you don't maintain your OS and/or do stupid things like open unsolicited attachments or
execute questionable programs you will eventually get burned regardless of the OS. To put it another way
security is a process that has little to do with the hardware or software you use. No OS is 100% secure and
your overall system security is a moving target as new flaws are found and fixed. So saying product A is
'more secure' than product B is nearly impossible unless you are willing to nail down EXACTLY what hardware
and software you are running, the patch levels and versions of all software on the system including device
drivers.

 
Au79
 
      03-03-2007
Fuzzy Logic wrote:

>> ...and yet, Linux is clearly far more secure than windos.

>
> You appear to be looking through rose coloured glasses. I continue to
> refute your arguments and yet you persist.
>


I don't believe that you have refuted any arguments credibly. I continue to
post voluminous stories from journals around the world about new and
improved windos vulnerabilities, old vulnerabilities left unpatched, and
patches that require patches.

Your entire stance seems to be that it is the user that is the problem, and
not some arrogant and incompetent conglomerate. Their marketing teams spend
countless hours touting windos as being the "most secure", only to get egg
in their face.

Microsoft, like your arguments, is a technical failure.

> You have stated in previous posts that an unpatched *nix box is still more
> secure than a fully patched Windows box. I really have to question your
> reasoning. For example if you are running Sun Solaris and you haven't
> installed the appropriate patch you will shortly be a victim of a telnet
> worm and your system seriously compromised:
>
> http://www.us-cert.gov/cas/techalerts/TA07-059A.html
>


And while users patch their windos and Unix boxes, the fact remains that
windos will sprout brand new holes at such an accelerated rate to make Unix
seem virtually indestructible, patches and all.

> You probably don't need to worry about this as you run SuSE and also
> believe there is no malicious software for *nix.


There's no malicious software that can cause the same amount of damage and
destruction as in a winbox.

> I even offered you a
> "free sample" but you denied such a thing even existed.


Talk about delusional. Why don't you release this wonder of yours into the
wild and rid the world of Unix once and for all?

> Keep your head in
> the sand and ignore the signs that as *nix gets more common it's also
> going to become a more popular target for exploitation.


This old argument has been around for too long. Since 80% of the Internet
depends on Unix and Unix-based software to run, it is a mighty big target
that has not been brought down. The fact is that Unix is already a target
for hard-core hackers, the best coders with the biggest brains have not
succeeded in turning the net off.

> Invariably these
> attacks will take advantage of well documented flaws that have already
> been patched similar to attacks on Windows systems. Most Windows attacks
> involve an already patched exploit or an attack requiring user
> intervention (opening an unsolicited attachment or running questionable
> programs that the user is enticed to do via social engineering).
>


Not Mr. fuz, the worst viral attacks turn PC's into zombies without user
intervention. Worms and viruses simply get in and meddle with the registry
and other system areas, sans help.

> So again I will state your overall system security has more to do with how
> well it's maintained and used than your actual OS. If you don't maintain
> your OS and/or do stupid things like open unsolicited attachments or
> execute questionable programs you will eventually get burned regardless of
> the OS.


Yes, your broken record argument. I really don't see how you can believe
that anyone with a high school education can take you seriously. Everything
that you describe above is only- and only- found in a windos
environment.

> To put it another way security is a process that has little to do
> with the hardware or software you use. No OS is 100% secure and your
> overall system security is a moving target as new flaws are found and
> fixed.


Again, all relative, by itself Linux may not be 100% secure against a hard
core hacker, but comparing it to measly windos, it is 100% secure against
winbox programmers.

> So saying product A is 'more secure' than product B is nearly
> impossible unless you are willing to nail down EXACTLY what hardware and
> software you are running, the patch levels and versions of all software on
> the system including device drivers.


Again, you gotta clear that fuzz off your logic. We are comparing two vastly
different architectures: One offers its system areas to anyone that passes
by. The other was designed with the assumption that multiple users sharing
resources within the same system cannot be left unchecked.

So from the ground-up Unix internal mechanisms do not allow the same
promiscuity as windos. Oh, but it's a good business strategy by MS.


--
....................
http://www.vanwensveen.nl/rants/microsoft/IhateMS.html
http://rixstep.com/1/20040719,00.shtml
http://free.thelinuxstore.ca/
 
Fuzzy Logic
 
      03-07-2007
Au79 <(E-Mail Removed)> wrote in news:YB4Gh.120357$(E-Mail Removed):

> Fuzzy Logic wrote:
>
>>> ...and yet, Linux is clearly far more secure than windos.

>>
>> You appear to be looking through rose coloured glasses. I continue to
>> refute your arguments and yet you persist.
>>

>
> I don't believe that you have refuted any arguments credibly. I continue
> to post voluminous stories from journals around the world about new and
> improved windos vulnerabilities, old vulnerabilities left unpatched, and
> patches that require patches.


I will try and put this in simple terms that hopefully you can understand:

1) All OS's have vulnerabilities and will continue to have them.
2) There are often patches for the same component as new vulnerabilities are found in that component (I
sent you links for 2 patches for the SuSE kernel that have been released within months of each other).
3) Hackers typically exploit documented vulnerabilities (half the work is done for them) so it's important that
you apply patches ASAP.
4) If you are not practising safe computer techniques the OS may not be able to protect you from yourself
(and why should it?).

> Your entire stance seems to be that it is the user that is the problem,
> and not some arrogant and incompetent conglomerate. Their marketing
> teams spend countless hours touting windos as being the "most secure",
> only to get egg in their face.


The weakest link in computer security is the user not the OS. Failing to install ONE critical patch is all it takes
for the bad guys to gain access to your system regardless of the OS.

> Microsoft, like your arguments, is a technical failure.
>
>> You have stated in previous posts that an unpatched *nix box is still
>> more secure than a fully patched Windows box. I really have to question
>> your reasoning. For example if you are running Sun Solaris and you
>> haven't installed the appropriate patch you will shortly be a victim of
>> a telnet worm and your system seriously compromised:
>>
>> http://www.us-cert.gov/cas/techalerts/TA07-059A.html
>>

>
> And while users patch their windos and Unix boxes, the fact remains that
> windos will sprout brand new holes at such an accelerated rate to make
> Unix seem virtually indestructible, patches and all.
>
>> You probably don't need to worry about this as you run SuSE and also
>> believe there is no malicious software for *nix.

>
> There's no malicious software that can cause the same amount of damage
> and destruction as in a winbox.
>
>> I even offered you a
>> "free sample" but you denied such a thing even existed.

>
> Talk about delusional. Why don't you release this wonder of yours into
> the wild and rid the world of Unix once and for all?


I really have no desire to spend time behind bars.

>> Keep your head in
>> the sand and ignore the signs that as *nix gets more common it's also
>> going to become a more popular target for exploitation.

>
> This old argument has been around for too long. Since 80% of the
> Internet depends on Unix and Unix-based software to run, it is a mighty
> big target that has not been brought down. The fact is that Unix is
> already a target for hard-core hackers, the best coders with the biggest
> brains have not succeeded in turning the net off.


The Internet hardly DEPENDS on *nix. Certainly many servers on the Internet use *nix but that server could
just as easily be a Windows box running equivalent software. There is no money to be made in turning the net
off so that's unlikely to happen anytime soon.

>> Invariably these
>> attacks will take advantage of well documented flaws that have already
>> been patched similar to attacks on Windows systems. Most Windows
>> attacks involve an already patched exploit or an attack requiring user
>> intervention (opening an unsolicited attachment or running questionable
>> programs that the user is enticed to do via social engineering).
>>

>
> Not Mr. fuz, the worst viral attacks turn PC's into zombies without user
> intervention. Worms and viruses simply get in and meddle with the
> registry and other system areas, sans help.


That's correct: the user didn't install a patch that would have prevented this from happening.

>> So again I will state your overall system security has more to do with
>> how well it's maintained and used than your actual OS. If you don't
>> maintain your OS and/or do stupid things like open unsolicited
>> attachments or execute questionable programs you will eventually get
>> burned regardless of the OS.

>
> Yes, your broken record argument. I really don't see how you can believe
> that anyone with a high school education can take you seriously. Everything
> that you describe above is only- and only- found in a windos
> environment.


So you are saying there are no critical vulnerabilities in *nix? That patches don't come out on a regular basis
for *nix? That maintaining your system is NOT important to your security? That the failure to apply a patch
for a single critical vulnerability is all it takes to compromise your system? That opening unsolicited
attachments is OK? That downloading questionable software is fine?

If so there is no point in any further discussion.

>> To put it another way security is a process that has little to do
>> with the hardware or software you use. No OS is 100% secure and your
>> overall system security is a moving target as new flaws are found and
>> fixed.

>
> Again, all relative, by itself Linux may not be 100% secure against a
> hard core hacker, but comparing it to measly windos, it is 100% secure
> against winbox programmers.
>
>> So saying product A is 'more secure' than product B is nearly
>> impossible unless you are willing to nail down EXACTLY what hardware
>> and software you are running, the patch levels and versions of all
>> software on the system including device drivers.

>
> Again, you gotta clear that fuzz off your logic. We are comparing two
> vastly different architectures: One offers its system areas to anyone
> that passes by. The other was designed with the assumption that multiple
> users sharing resources within the same system cannot be left unchecked.
>
> So from the ground-up Unix internal mechanisms do not allow the same
> promiscuity as windos. Oh, but it's a good business strategy by MS.

 