A Scary Tale About Coreflood
If you bank online,
check
out the story about a security briefing this week on the Coreflood Trojan.
Researcher Joe Stewart of SecureWorks Inc. got access to a command and control
server used to collect data from a botnet deployed by a Russian crime group.
Stewart shared some statistics at the Black Hat security conference in Las
Vegas. Among the findings: 8,485 compromised bank accounts, 3,233 credit card
accounts and more -- all collected in six months.
Here's the scary part. Coreflood is an older, well-known Trojan, but it's still
doing massive damage. "In the case of Coreflood, you've got people infected
who didn't do anything wrong," Stewart said. So users didn't necessarily
visit suspect Web sites, let their anti-virus lapse or commit other computing
no-nos.
Do you feel like current best practices in the industry are enough to protect
your customers? Let me know at [email protected].
Posted by Scott Bekker on August 07, 2008