I have asked a financial adviser a few days ago what is his opinion on the latest Trojan dubbed Silentbanker.
He asked ‘Silent what?’
He has not heard anything about it. Weird! I would have thought that financial advisors would be better informed.
I guess by now people are more alert regarding Silentbanker.
In case you are like our adviser, here it’s what Symantec advised regarding the trojan:
The Trojan targets many different banks using various methods in order to perform the following:
Gain access to accounts
Divert transactions to attacker controlled accounts
The Trojan performs the following actions:
Redirects legitimate requests to attacker controlled computers
Alters the HTML of pages shown to the user
Alters requests sent by the user to the bank
Captures screen shots of Web sites where the user must click instead of type the password
Sends full pages received by the victim to the attacker
Downloads new versions of itself
Downloads new configuration files
Records user names and passwords
Records the content of the clipboard
Steals cookies, digital certificates, and Adobe .sol files
Sends a list of all software installed on the compromised computer to the attackers
The threat hooks APIs in the following browsers:
It may also hook APIs to the following file:
We were told to avoid Internet transactions, including transfers and payments, and instead to go to the bank and make our payments over there.
Not a problem, it’s another pain in the butt, but it’s doable.
But we are running into another scare: bank robberies.
Updated statistics put Vancouver on the fast track of becoming Canada’s capital of heists.
Only in January we had 33 heists, an increase of 136 per cent compared to January 2007.
In 2006 we had 130 bank robberies, in 2007 the number jumped to 185, probably we will break the record this year.
This is the dilemma: we are between two scares: Silentbanker and a bank robbery. Which one is less dangerous?