Information Security News mailing list archives
Computer virus targets Swiss bank
From: William Knowles <wk () C4I ORG>
Date: Thu, 17 Aug 2000 04:09:49 -0500
http://news.cnet.com/news/0-1005-200-2540566.html?tag=st.ne.1002.thed.ni By The Associated Press Special to CNET News.com August 16, 2000, 9:00 p.m. PT WASHINGTON -- A new strain of the "Love Letter" computer virus is targeting customers of a Swiss bank, stealing their account information and sending it off to the virus writer, U.S. computer security companies said today. The virus, known as "VBS/Loveletter.bd," is a variant of the original "Love Letter" virus that circulated in May, and many versions have been created using the original as a template. This new strain replicates itself using Microsoft's Outlook email program and includes a resume. A previous "Love Letter" version had a resume as well, of a Filipino student. The new resume is in German and represents a job applicant in Zurich, Switzerland. The worst part of the virus payload is new to "Love Letter." The virus downloads a password-stealing program that copies online banking information--for the United Bank of Switzerland--off the infected computer. Experts got the first infection reports this morning, and all said that the virus was not yet widespread. Because of its narrow focus, experts believe the virus won't spread very far, but that it is a "proof of concept" for future viruses targeting customers of any bank. "I'm a bit concerned that it may be all too easy," said Roger Thompson, a security expert for Carlisle, Pa.-based ICSA.net. "If not the banks, the investment account aggregators" could be targeted. Due to the time zones, representatives for the United Bank of Switzerland could not be contacted--though experts did say that authorities in Europe were investigating the matter. The virus downloads the password-stealer, called "Hooker," from one of several computers on the Internet. A Kaspersky Labs spokesman, Denis Zenkin, said that among the possible download sites are computers at Michigan State University and the National Institutes of Health. Kaspersky Labs believes that the hacker placed the password-stealer there, in an area exposed to the public, for future access. Messages left at Michigan State and NIH were not immediately returned. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Computer virus targets Swiss bank William Knowles (Aug 17)