News of the Silentbanker Trojan seems tohave (rightfully) caused quite a few people to wonder if the computersthey use to access their online banking are secure. I’ve gotten someinteresting questions about the security of online banking since LiamO’Murchu’s blog about Silentbankerwas published last week.
Some people I talked to said that they’llnever use online banking again, but I don’t think that’s the answer(just ask anyone who has ever had their bank card skimmed). Instead, I think people are better off securing their computers andusing a few best practices to ensure that their transactions are safe.
So, here are a few tips for online banking:
• Use a strong password to access your online banking and change itoften. Strong passwords are...
In a military operation, a beachhead is a point where an attackingforce landing by sea reaches a beach and defends it untilreinforcements arrive. At this point, the reinforcements will expandthe attack. What can this possibly have to do with malicious code? Inthe last six months, we’ve seen a large shift towards multistageattacks as described in Volume XII of the Symantec Internet Security Threat Report.The first stage of a typical multistage malicious code attack consistsof a small and quiet initial downloader Trojan being installed on acomputer. This initial stage may disable security applications on thecomputer, then download other malicious code as part of a secondarystage attack (expanding the beachhead).
Of great concern is that the secondary stages usually allow theattackers to perform a wider variety of attacks against the user. Thelater stages are often back doors that...
