This week, Microsoft has released a security update for all Windows systems that addresses a vulnerability that has been used in several malware programs, including several types of Trojans that attempt to steal your credit card or banking data.
If you have your computer automatically install Microsoft updates, you don’t need to take any action. But this might be a good time to verify that those updates are installed. This specific update is: Microsoft Security Bulletin MS10-046 – Critical Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198). It should have been installed automatically on August 3rd.
This is really only one little crack that these malware programs use and this is a good opportunity to alert you about some of the methods used to steal your credit card and banking information.
Most of us are familiar with (and avoid) the old fashioned phishing email where someone uses a bank logo and tries to convince you to click the link in the email to “update” your credit card or bank information. Banks and credit card companies have been very helpful to educate us all that they do NOT use email to obtain any of this type of information.
Criminals have developed other ways to get the very same information. Some of us have learned about “key loggers” which are programs that record keystrokes (Wikipedia has a fair overall description). These little pests are best dealt with by having good antivirus and antimalware programs installed and up to date.
What is happening more recently is that certain malware programs are triggering pop-up windows when you key in a targeted bank or credit card web site. Network World has an excellent article describing these infections in detail and a good screen capture of what the fake pop-up looks like. I highly suggest reading the article here: Zeus Trojan attempts to exploit MasterCard, Visa security programs. On a similar track, AVG has tagged a new group of these sites and malware programs they have labeled as “mumba botnet”, Roger Thompson’s blog has details.
Date: August 4, 2010