Week in review: Net theft, under your nose

New Trojan steals money from accounts while account holders are logged in. Google resolves misguided e-mail issue. Also: Facebook fakes.

A new type of banking Trojan horse actually steals money from your account while you are logged in and displays a fake balance.

The bank Trojan, dubbed URLZone , has features designed to thwart fraud detection systems that are triggered by unusual transactions. For instance, the software is programmed to calculate on-the-fly how much money to steal from an account based on how much money is available.

The Trojan, which exploits a hole in Firefox, Internet Explorer 6, IE7, IE8, and Opera, was responsible of the theft of nearly $438,000 during a 22-day span in August.

This is reportedly the first Trojan that hijacks a victim's browser session, steals the money while the victim is doing online banking, and then covers its tracks by modifying information displayed to the victim, all in real time.

Meanwhile, Payroll processor PayChoice said it is investigating a breach in which customers received targeted e-mails purporting to be from the company but were designed to trick people into downloading malware . Workers received e-mails last week that directed them to download a browser plug-in or visit a Web site so they could continue accessing the Onlineemployer.com PayChoice portal.

The e-mails were targeted to individuals and included their user names, log-in IDs and partial passwords, thus increasing the chance that recipients would be likely to fall for the ruse.

•  Malware worldwide grows 15 percent in September
•  Security Essentials graduates to v1.0

More headlines

<b> Google, bank resolve issue over misfired e-mail

Google and Rocky Mountain Bank ask court to dismiss a case that stemmed from the bank inadvertently e-mailing customer data to a random Gmail address.
&#149;&nbsp; Misfired e-mail was never viewed by Gmail user

<b>Facebook shuts down malicious fake profiles

AVG researcher suspects malicious profiles were created automatically by bypassing the Captcha function, but a Facebook spokesman disagrees.
&#149;&nbsp; Facebook Connect branches out
&#149;&nbsp; Facebook movie to start filming next month

<b>Apple brings back Newton developer

In another clue that Apple may be working on a tablet PC, one of the original developers of the Newton personal digital assistant is reportedly returning to Apple.
&#149;&nbsp; How will an Apple tablet stack up?

<b>Google Wave ready for wider testing

Google's Internet communications concept project is ready for wider use, which will test the stability and scalability of one of the company's most important projects.
&#149;&nbsp; Google Wave meets conference calls, with Ribbit

<b>Apple buys map service to compete with Google?

The apparent purchase of PlaceBase may explain why Apple required Google Latitude to be a Web-based app and not a native iPhone app.
&#149;&nbsp; AT&T buys application developer
&#149;&nbsp; Cisco to buy video firm Tandberg for $3 billion

<b>Microsoft finalizes Windows 7 'XP Mode'

The software maker says it has wrapped up work on an add-on to Windows 7 that lets users run a virtualized copy of the older operating system.
&#149;&nbsp; Microsoft says automated 'Fix it' is working
&#149;&nbsp; Microsoft gets big patent verdict overturned

<b>Verizon CTO advocates for metered broadband pricing

The day when consumers pay for every megabyte they use while downloading video, streaming music, or updating their Facebook statuses may be closer than you think.

<b>Secret Service: Obama poll maker is juvenile

Secret Service decides that the creator of the "Should Obama be Killed?" poll is no threat to the president. But how many death threats targeting other souls also reside on Facebook?
&#149;&nbsp; Facebook removes 'Should Obama be killed?' poll
&#149;&nbsp; Obama Facebook poll developer comes forward

Also of note
&#149;&nbsp; GM ends car sales pilot with eBay
&#149;&nbsp; Supercomputer to use new Nvidia 'Fermi' chip
&#149;&nbsp; More colleges than ever offering gaming degrees

 

Join the discussion

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

HOT ON CNET

Is your phone battery always at 4 percent?

These battery packs will give your device the extra juice to power through all of those texts and phone calls.