Five unseen security threats!

Five unseen security threats!😕😳

UTI Bank recently joined the long list of banks that have been subjected to online identity attacks.😳 The bank became a victim of a phising attack.😳 A URL on Geocities that was almost a facsimile of the bank's website homepage, was reported to be circulating amongst email users.😛 The web page not only asked for the account holder's login and passwords, somebody had even wickedly put up a disclaimer and security hazard statement. 😛

Though the incident is first of its kind this year, it is a good pointer to the increasing menace of online crime.😳 According to a new report from the security firm Websense hackers continue to get creative.😳 The instances of unique attacks to capture passwords and other private information are increasing at an alarming pace.😳 The company's quarterly research report tracks unique, unusual and new attack methods being used by hackers.😳 Here are some of the most unique attacks of Q2, 2007 from the report.

http://infotech.indiatimes.com/quickiearticleshow/msid-24534 00.cms

Tricking YouTube😕😳

With Web 2.0 sites becoming the new rage, they increasingly find themselves at the receiving hand of hacker attacks.😳 This attack from a Soviet Union domain pretended to be a YouTube application.😛

While victims think they are watching a video, a Trojan horse designed to check for information on local machines to steal confidential personal and banking information is downloaded.😛 The video distracts the user as the Trojan horse proceeds to download other pieces of code over the Web that installs keyloggers and hooks into the operating systems to further compromise the user's data.😛

http://infotech.indiatimes.com/quickiearticleshow/msid-24533 97.cms

Britney Stings 😛

Throughout the month of June, (beginning June 3rd) users who clicked on an e-mail with the subject, "Hot Pictures of Britiney Speers" got more than they bargained for.😛 The message evaded spam-filters due to the misspelling of the pop-star's name.😳 The email brought unsuspecting victims to several Web sites where they unwillingly downloaded and installed a file infector with operating system hooks and spamming capabilities.😛

A vulnerability exploiting Microsoft ANI handling enabled attackers to gain full control of victim's computers to steal confidential usernames, passwords, and credit cards.😛 The exploit used the victim's bandwidth in orchestrated DDoS attacks against other high-value targets.😳

http://infotech.indiatimes.com/quickiearticleshow/msid-24533 94.cms

Audi Breakdown😕😳

In May, Audi Taiwan's website became the latest victim to be compromised by hosting malicious code.😳 In what was a series of attack on popular commercial Web sites visitors to Audi's Taiwan web site received more than just information about their cars.😛

Users without adequate protection, inadvertently installed a password-stealing Trojan on their desktops, resulting in the theft of their passwords and other sensitive information stored locally on the machine, or when entered into an HTML form.😛

http://infotech.indiatimes.com/quickiearticleshow/msid-24533 92.cms

Google Crimeware😛

The use of Google's Web site hosting service "Google Pages" for nefarious practices continues.😛 In the past, the site has hosted malicious binary files.😛

This month the same site hosted a variety of phishing attacks.😛 Malicious code enabled a Trojan horse to steal confidential information from victim's computers as they engaged in online banking.😛

http://infotech.indiatimes.com/quickiearticleshow/msid-24533 89.cms

Deadly Pack😕😳

MPACK toolkit, designed by hackers to steal banking and confidential information was originally discovered in November 2006.😳 The toolkit, which compromised more than 10,000 websites in June 2007, had IFRAMES pointing to the hub infection site. The top regions affected by the attack were Italy, Spain and the United States.

Large-scale attacks in Europe utilised the MPACK Web exploit toolkit to steal confidential banking information.😳 Users who visited a compromised site and were vulnerable to one of the several loaded exploits downloaded a Trojan horse.😛 Through a series of Web infection downloads, the Trojan horse steals banking and confidential information.😛

Regards,

Tanveer😊😃