Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

How Hackers Snatch Real-Time Security ID Numbers

From: David Farber <dave () farber net>
Date: Mon, 24 Aug 2009 14:34:17 -0400


Begin forwarded message:

From: Monty Solomon <monty () roscom com>
Date: August 23, 2009 11:29:12 AM EDT
To: undisclosed-recipient:;
Subject: How Hackers Snatch Real-Time Security ID Numbers


How Hackers Snatch Real-Time Security ID Numbers

By Saul Hansell
August 20, 2009, 1:20 pm

The world's savviest hackers are on to the "real-time Web" and using
it to devilish effect. The real-time Web is the fire hose of
information coming from services like Twitter. The latest generation
of Trojans - nasty little programs that hacking gangs use to burrow
onto your computer - sends a Twitter-like stream of updates about
everything you do back to their controllers, many of whom,
researchers say, are in Eastern Europe. Trojans used to just
accumulate secret diaries of your Web surfing and periodically sent
the results on to the hacker.

The security world first spotted these new attacks last year. I ran
into it again while reporting an article in Thursday's Times about a
lawsuit meant to help track down the perpetrators of these attacks.

By going real time, hackers now can get around some of the roadblocks
that companies have put in their way. Most significantly, they are
now undeterred by systems that create temporary passwords, such as
RSA's SecurID system, which involves a small gadget that displays a
six-digit number that changes every minute based on a complex formula.

If you computer is infected, the Trojan zaps your temporary password
back to the waiting hacker who immediately uses it to log onto your
account. Sometimes, the hacker logs on from his own computer,
probably using tricks to hide its location. Other times, the Trojan
allows the hacker to control your computer, opening a browser session
that you can't see.

...

http://bits.blogs.nytimes.com/2009/08/20/how-hackers-snatch-real-time-security-id-numbers/






-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com
Previous By Date Next
Previous By Thread Next

Current thread: