Blogs » Digital Babble » URLZone steals bank money, injunction served via Twitter and Web site updates

Subscribe


A different type of banking Trojan horse that steals money was recently discovered by the security firm Finjan. What is interesting about this Trojan horse is that in addition to taking bank log-in information, it also steals money from the person's bank account while they are still logged in, and then displays a fake balance.

Source: Cnet.com Banking Trojan steals money from under your nose The bank Trojan, dubbed URLZone, has features designed to thwart fraud detection systems which are triggered by unusual transactions, Yuval Ben-Itzhak, chief technology officer at Finjan, said in an interview Tuesday. For instance, the software is programmed to calculate on-the-fly how much money to steal from an account based on how much money is available. - It exploits a hole in Firefox, Internet Explorer 6, IE7, IE8, and Opera, and it is different from previously reported banking Trojans, said Ben-Itzhak. The Trojan runs an executable only on Windows systems, he said. The executable can come via a number of avenues, including malicious JavaScript or an Adobe PDF, he added.

The Trojan infects a computer when a person opens an e-mail or clicks on a link that distributes the malware. This is why it is so important to keep your anti-virus, operating system, browser and other software up to date.

Be sure to read the full details on URLZone here: Banking Trojan steals money from under your nose

UK court orders writ to be served via Twitter

Well this is a first.

Britain's High Court ordered its first injunction via Twitter. The court said is used Twitter because it was the best way to reach an anonymous Tweeter who had been impersonating someone.

[Source: Yahoo! News] The legal first could have widespread implications for the blogosphere. "I think this is a landmark decision to issue a writ via Twitter," said Dr Konstantinos Komaitis of Strathclyde University's law faculty. "You are creating a precedent that people will be able to refer to. It only takes one litigant to open the path for others to follow," Komaitis, a lecturer in IT and Telecommunications told Reuters. "The law tends to be quite cumbersome and slow, so to have a court deliberate on something like Twitter -- so hot, so relevant -- it shows quite impressive engagement.

The reason for the injunction, according to the article from Yahoo:

Matthew Richardson, the barrister who won the injunction, said the ruling was a huge step forward in preventing anonymous abuse of the Internet. Online impersonations have become increasingly prevalent following the success of the Twitter website. ... The problem has grown so large that Twitter earlier this year launched a system to verify the authenticity of Tweets. A seal, which appears on the top right of profile pages, is aimed for use on high profile Twitter accounts. Impersonating people or organizations is contrary to Twitter's terms of service and Tweeters who do not wish to take out a legal writ over the problem can contact Twitter.

I've been on Twitter for a few years now, but this surprised even me. How about traffic tickets over Twitter? Or teachers assigning detention via a tweet? Can't wait to see what they come up with next.

Back home, Web site updates

If you are a frequent visitor to our site, you may be familiar with previous staff blogs written about issues with spam blogs on our site. One step we have taken to keep the spammers away is change the way blogs are featured on our home page.

As of yesterday evening, the blogs featured on the front are selected manually by someone on staff. The problem we had before is spammers would flood our front page, so we hope this new method of presentation will keep the spam away. Before, any new blog would show up on the home page.

This method of presentation is also a way to spotlight some of the reader blogs on our site, without having them flooded out by spam. We are working on future enhancements on how we present the reader blogs online, so stay tuned for more updates.