Identity Theft News

Black Hat report: 'Clampi' Trojan a perfect tool for identity theft

Thursday, July 30, 2009

A web security researcher for SecureWorks told hackers gathered at the annual Black Hat conference in Las Vegas that a data-stealing Trojan known as Clampi is being used for one of the most sophisticated malware and identity theft attacks on the web today.

The Clampi Trojan has spread to hundreds of thousands of PCs and swipes personal information from users for draining their bank accounts. One small business in Georgia, Slack Auto Parts, lost $75,000 earlier this month due to infection by the Trojan, according to Joe Stewart, researcher at SecureWorks.

Stewart said he has identified 1,400 banking websites in 70 different countries out of roughly 4,500 bank sites being targeted by those behind Clampi for the purpose of identity theft and fraud.

Clampi's recent success in infecting PCs is accomplished by using domain administrator credentials stolen by the Trojan to copy itself to all computers on the domain. Clampi also spreads in drive-by download attacks when users visit a compromised website.

SecureWorks recommends that home computer users protect themselves online by using a separate, clean PC for online banking than the one they use to surf the web and send and receive email.
ADNFCR-1765-ID-19289322-ADNFCR

Related News:

Threat of identity theft shows need for online security - 11.19.2009
As Americans live increasingly large portions of their lives on the internet, the possibilities and incentives for remote identity theft increase as well. A report in the New York Times advises caution, and gives tips for constructing an "online bulwark" to prevent theft and fraud.

Wi-Fi network security vulnerable to man-in-the-middle attacks on smart phones - 11.16.2009
Researchers last week revealed a weakness in mobile network security that could allow for so-called "man-in-the-middle" techniques to steal personal information from users of certain types of mobile phones.

FDIC warns banks of money transfer 'mules' duped by cybercriminals - 11.2.2009
In a new warning to banks about illicit electronic fund transfers, the Federal Deposit Insurance Corporation (FDIC) said last week that online bank account theft is rising using "money mules," unwitting job-seekers who are duped by cyber crooks into wiring funds from hacked bank accounts.

Obama addresses cybersecurity awareness in YouTube video - 10.21.2009
Online cyber attacks and identity theft have never been higher, a threat environment that challenges U.S. security every day. President Obama has designated October as National Cybersecurity Awareness Month, which he addressed in a web video last week.

Facebook application security hole exposes millions to hacking, researcher says - 10.19.2009
A security researcher is warning Facebook users about potential vulnerabilities in Facebook applications that could allow cross-site scripting (XSS) hacker attacks for hijacking user accounts.
View Related Resources
Or
Watch an Online Demo
Or
Have us call you now