Comments: Threatwatch - trojan hijacking, proxy victims, breaching conflicts of legal interest, semi-opaque blue hats

"_Spot it? If you can name e-gold then you can get away with embarressing someone who can't fight back. But if it is a regulated financial institution, it shouldn't be named - if the debit card PIN debacle in the US is anything to go by_."

This propaganda-lie is not peculiar to finance systems. In the UK a BSE cluster arose (sometime in the mid-80s) around a small village, this was explained by besmirching the name of the local butcher. The local butcher did not have the resources of a huge supermarket chain to defend himself and hence found himself in the liar's cross-hairs.

Posted by Darren at March 18, 2006 09:16 AM

WOW - that's heavy

you predicted EXACTLY THAT about a year ago mate and at the time I pooh-poohed you because I figured there is no way anyone would bother with anything so complex.

wow !


> ===============================
> LURHQ’s description of an E-gold Trojan was an early foreshadowing of
> things to come. E-gold is an e-cash operation, similar to Paypal. Turns
> out they’ve been under constant attack from these advanced Trojans for
> a few years now.
>
> The E-gold Trojan waits for the victim to successfully authenticate to
> E-gold’s Web site, creates a second hidden browser session, and uses
> various spoofing tricks until it drains the victim’s account. Because
> the stealing and spoofing is started after the authentication is
> completed, no amount of fancy log-on authentication would prevent the
> heist. All too telling is LURHQ’s prediction that “other banking
> institutions are sure to be attacked in this manner in the future.”
> ===============================

Posted by Jape at March 18, 2006 09:21 AM

Oh wow, that is just nuts. E-Gold has always been relatively intelligent with their security policies (as opposed to Paypal, for example), but this is almost too much to handle, especially given the anonymity of it all.

I've seen trojans offered on various hacking sites. Of course, E-Gold is the only accepted method of payment, which brings up another ironic set of circumstances for the purchasers.

-Greg

Posted by Forex Basics at March 29, 2006 05:04 AM
Post a comment









Remember personal info?






Hit Preview to see your comment.
MT::App::Comments=HASH(0x55b83e246c30) Subroutine MT::Blog::SUPER::site_url redefined at /home/iang/www/fc/cgi-bin/mt/lib/MT/Object.pm line 125.