What do they use? The Coreflood Trojan horse, which infects massive numbers of PCs and gathers confidential information, including bank account numbers and passwords.
The Russian hacker group is at it again, using a Microsoft administration tool to steal passwords. This is not new, as they have been doing this for years.
A sampling of 11% of the stolen accounts found in one directory on the group’s command-and-control server found more than a quarter-million dollars at risk, said Joe Stewart, director of malware research at Atlanta-based SecureWorks Inc.
In his most recent findings, Stewart spelled out how much money the group has had access to, as well as the number of users whose information was hijacked. As before, Stewart culled the information from a Coreflood command-and-control server he had helped shut down earlier this year.
Among the mountains of evidence on the server were the results of automated scripts that checked the validity of bank accounts and in the process obtained the account balances. Of the 79 accounts the cyber crooks tested — from among 740 stolen accounts on file in a single directory — the highest balance was US$147,000, while the averages were $4,553 for each savings account and $2,096 for each checking account.
Don’t store passwords on your PC
Don’t have your browser remember passwords
Safe surfing!
Those pesky ole hackers.
Jim Jones
It’s important to block all .ru domain extensions. I have written a blog on risky domains that users need to watch for.
Thank you for the comment!
Kind of glad I have a Mac, even though it’s probably vulnerable too. I need to start remembering my passwords in my head instead of in Firefox. Grr.
Use an operating system that is not built to be hijacked.
The Internet is a nasty place. And there are sadly millions and millions of people who don’t know how to protect their PCs.
But the worst scenario is when people tend to think, “I don’t have anything important on my computer anyway, so who would like to hack into it?”
To Mr Frank J:
For your info: most hacking groups are located in the US and Europe, especially Holland. Almost all hack sites are from .com, .net, .ws and so on. Where are they located, can you tell me? Are you powerful enough to block the .nl domain? Or China? What will all of you do without Chinese brains or without China-made components of your PCs? Just don’t be so stupid to make such “It’s important to block all .ru domain extensions”. Just block everything, put a barbwire around US, cut off all cables to internet and rest in peace, enjoying licking ass of Vista-makers. Only in that case you will be safe. But I think that it will be safer for the rest of the world.
On the contrary, most are from .ru domain extensions, but not to say they’re from Russia, but maybe using a proxy to be deceptive.
Oh yeah, that is so modern: to blame Russians for everything. They have oil and gas, let’s bomb them, they are democratic not in the American way. Mr Putin is making money from oil, let’s punish him! Arabian kings are making money ONLY on oil, but nobody blames them, though they ARE terrorists and dictators.
You know, this is just a matter of fashion: people always need someone to be guilty. But usual people are suffering not from “Russian hackers”, but from all those security limitations. That’s why sometimes I can’t use my credit card to pay for something over the internet, that’s why I can’t use all the benefits of Playstation Network or XBoxLive services. That’s why some of my e-mail addresses are blocked from certain sites: they are from the .ru domain!
All this comes from stupidness of certain people: Mr Bush said bin Laden is guilty, let’s bomb Afghanistan. SecureWorks Inc (who the f*k knows them at all? are they REALLY professionals?) said trojans are stealing bank accounts, and you, Mr Frank J, are making an immediate decision: let’s block .ru! Not wise at all!
PS: I’m not Russian. I’m already guilty that I was born in USSR. And I’m proud of it!
PPS: thanks for discussion.
That was not my message. I am simply saying that many resources such as Trend Micro, McAfee, and Symantec have included that much of the threats we know today happen to come from .ru domain extensions.
Who’s bombing who?
Heh, according to “Tipping Point” research, top 5 hackers countries are
Great Britain
New Zealand (surprised? me too!)
Hong Kong
Where is Russia?
That is one resource and not as credited as the ones I provided, but we can go back and forth all day.
Ok, I just didn’t like your “let’s block bla-bla-bla”. Journalist is bringing the facts, but making conclusions- is not his job.
Anyway, thanks for conversation. Good luck.
I hear what you are saying, and I could have been more neutral. I appreciate the comments!