Security researchers have warned that cybercrooks might be able to compromise online bank accounts even in cases where banks use SMS messages to authorise transactions. The approach relies on first compromising a targeted user's computer using a variant of the ZeuS banking Trojan before infecting the same user's smartphone. …
Oh stop scaring people.
Until it happens, fuck off.
Stupid fricking idiots. Shouting about it will make it worse not better.
maybe my bank will abandon this infuriating check system, which annoyingly is sprung on me in a purely arbitrary fashion.
Stoopid system caught me off-guard (battery failure on mobile) and left me unable to order a pizza online when stuck in work late one night :'(
Symbian Signed details are?
The described Symbian S60 app has to be Symbian Signed for this to work. What are they, is the app signed by Nokia itself using their latest free signing program, is it done by the Symbian Signed website, and how could an app named like that pass signing criteria?
@ Real Name
Good plan, ignore it and perhaps it'll go away.
I see. What else do you need to get infected/affected? It also requires that planets are in alignment, your grandma is Elvis Presley's niece, you have a dog called Shakira, and your house is painted in stripes of peachy orange and blue apples. Oh well, clearly we should all watch out for this one.
Maybe they should design a virus which targets individuals called Simon, who live on Mars and drive a lettucemobile.
Zeus infected systems probably number in the millions by now. The latest Twitter thing was installing Zeus via a drive-by-download. Zeus is freaking everywhere now. Stop what you are doing, and update your system. You wouldn't believe the pages of alerts I get every day from customer systems infected with Zeus.
Now Zeus just needs to be spread to your phone, and you are completely screwed. So, no, not a good idea for you bank to drop the SMS confirmations, because without the SMS check, your account would already be empty.
really just use RSA keyfobs that make the numbers that are valid for 30 secs or Both 3 levels of security for the stupid that like to run keylogers on there pcs
"liable to be in for all sorts of trouble"
Please explain what bank doesn't question the honesty / veracity / sanity of ANYONE questioning a banks security.
The banks programmers and web sites are invincible. Or hadn't you heard?
So says the HSBC who has has web site defamation before.
It wasn't this one but acquaintance had her bank account cleaned out
She did online banking and one day discovered she had a $10 balance when it should have been much more. The bank had sent all of her money to somewhere in Australia.
Haven't heard if she was successful in getting any kind of restitution but likely not since the route was probably through a key logger on her home PC.
These things happen and this sounds like it was targeting business bank accounts rather than personal.
Leexgx is right - RSA key fobs can help to make theft more difficult instead of using a communications channel that can be compromised. Luckily my bank offered them for free but they have made it much more limited (business customers) due to lack of interest. Regular customers (maybe businesses too) now have to pay for the RSA keys.
- Geek's Guide to Britain INSIDE GCHQ: Welcome to Cheltenham's cottage industry
- 'Catastrophic failure' of 3D-printed gun in Oz Police test
- Game Theory Is the next-gen console war already One?
- Analysis Spam and the Byzantine Empire: How Bitcoin tech REALLY works
- VIDEO Herschel Space Observatory spots galaxies merging