Welcome to the Proxy Update, your source of news and information on Proxies and their role in network security.

Friday, November 7, 2008

Undetectable data-stealing trojan nabs 500,000 virtual wallets

The linked article above is another reminder why it's important to have a proxy as part of your network security infrastructure, especially one that has the ability to block embedded URL's that are considered spyware or malware sources. Researchers have uncovered a trove of financial account data stolen by a Trojan horse program known as Sinowal over the last several years. As many as half a million accounts have been compromised; more than 20 percent were stolen in the last six months alone. Sinowal, which is also known as Torpig and Mebroot, spreads through websites onto unpatched PCs without any user interaction. That the Trojan had been operating for nearly three years has been called "extraordinary." It lies in wait on infected PCs; when a user enters a banking URL, it offers up a phony site to collect the pertinent data and then sends the information back to a drop server.

No comments: