Crafty booby-trapped invoice malware empties Japanese bank accounts

IBM's X-Force security team is warning of new malware preying on Japanese bank customers. The software nasty is stealthy enough to evade the vast majority of antivirus packages, we're told. Japanese banks have been something of a low priority for crooks, given the difficulties of performing social engineering tricks using a …

  1. Dr Trevor Marshall

    So whose idea was it?

    Who had the 'brilliant' idea to treat .ZIP files as executables and subdirectories in Windows? Does Japan have a 'tar and feathers' equivalent? Now would be a good time to employ it, I think....

    1. Mark 85

      Re: So whose idea was it?

      I suspect that goes back to a "feature" in WinZip to make self-extracting files. It's a relatively simple step to turn "extract" into "extract and execute". Or maybe they're just playing with a header to hide an exe as a zip? Either way, this is something whose time is long past and should be shut down at the OS level.

  2. Dan Paul

    In the future, let's agree to...

    put the actual names of the antivirus products that detect this malware in the damn article from now on!

  3. Anonymous John

    Japanese-language emails that include ZIP files seemingly coming from Russian .ru domains.

    Seemingly? Since when was an .ru address some sort of guarantee of authenticity of an attachment?

  4. Anonymous Coward

    Years behind

    Authorities are years behind the crims and falling further every day - unfortunately. The digital world is like the Wild West of yesteryear and the financial losses are skyrocketing.

    1. Medixstiff

      Re: Years behind

      "Authorities are years behind the crims and falling further every day - unfortunately. The digital world is like the Wild West of yesteryear and the financial losses are skyrocketing"

      I suspect that because they are too busy trying to get their own populations under their thumb, they don't really care anymore; it's all about what power they wield. Just look at Snowden's extensive list of documents showing numerous agencies spying on their own populations. In reality the only thing that would ever stop them is a solar flare taking out all technology, and unless whole countries' populations rise up, nothing will change.

  5. Robert Helpmann??

    Lame Lingo?

    Japanese banks have been something of a low priority for crooks, given the difficulties of performing social engineering tricks using a language that's alien to the vast majority of cyber-crims.

    Seriously? If that is the excuse given, then someone missed the way that most email scams function. It has been argued elsewhere that the poor grammar of such attacks weeds out those least likely to fall for anything that the phishers send out. The people pushing this out are most likely script kiddies. Presumably, they are capable of using Google Translate, too.

  6. Old Handle

    I dunno how similar it is, but I got something reminiscent of this the other day. An email claiming I had received a "fax", attached to a zip containing a file.doc.js. Being curious, I opened it... in Notepad. Unfortunately, the script was obfuscated. Looks like they broke the real script into little tiny pieces and assigned them to variables. Presumably that all gets reassembled and executed when run, but it would have been way more work than I cared to put in to figure out what it was meant to do.

    I still think hidden file extensions are the single worst security decision ever.
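The two things the comment above touches on, reassembling a "chopped into variables" dropper without running it and spotting a file.doc.js-style name, as an added example that is not part of the thread and not the commenter's script. The obfuscated sample in the block is constructed for this example and does nothing harmful (its "payload" is a plain string); the pattern it imitates, string fragments assigned to variables, concatenated, and fed to eval, is the one described above. The deobfuscator is deliberately static: it only folds string literals and already-resolved names, so nothing the script wants executed ever gets executed. The extension lists and the name `isDeceptiveName` are assumptions for illustration, not a complete catalogue.

```javascript
// Added example, not from the original thread. Node.js, no dependencies.

// Constructed sample in the style described in the comment: the real command
// is cut into pieces, each assigned to a variable, then glued back together
// and passed to eval. The "payload" here is a harmless string.
const SAMPLE = [
  'var a1 = "Wsc";',
  'var a2 = "ript.";',
  'var a3 = "Sh" + "ell";',
  'var b0 = "c" + "md /c";',
  'var b1 = " echo hel" + "lo";',
  'var x = a1 + a2 + a3;',
  'var y = b0 + b1;',
  'eval(x);',
  'eval(y);',
].join('\n');

// Fold a `+` chain of string literals and known variables into one string.
// Anything else (a function call, arithmetic, an unknown name) makes the
// whole expression "unresolved" rather than being executed. Caveat: a
// literal that itself contains a "+" would be split wrongly by this
// simple splitter; a tokenizer is the fix if a real sample needs it.
function resolveExpr(expr, table) {
  const parts = [];
  for (const raw of expr.split('+')) {
    const t = raw.trim();
    const lit = t.match(/^(["'])(.*)\1$/);
    if (lit) parts.push(lit[2]);
    else if (Object.prototype.hasOwnProperty.call(table, t)) parts.push(table[t]);
    else return null;
  }
  return parts.join('');
}

// Walk the script line by line, keeping a table of reassembled strings and
// collecting what each eval() would receive. No code is run.
function deobfuscate(src) {
  const table = {};
  const evaluated = [];
  for (const line of src.split('\n')) {
    const assign = line.match(/^\s*var\s+(\w+)\s*=\s*(.+?);\s*$/);
    if (assign) {
      const v = resolveExpr(assign[2], table);
      if (v !== null) table[assign[1]] = v;
      continue;
    }
    const ev = line.match(/^\s*eval\s*\((.+)\)\s*;\s*$/);
    if (ev) {
      const v = resolveExpr(ev[1], table);
      evaluated.push(v === null ? '<unresolved: ' + ev[1] + '>' : v);
    }
  }
  return { table, evaluated };
}

// Explorer hides known extensions by default, so "file.doc.js" is shown as
// "file.doc". Flag names whose real (last) extension is a script or
// executable type and whose preceding extension looks like a document.
// Both sets are illustrative assumptions, not an exhaustive list.
const SCRIPT_EXT = new Set(['js', 'jse', 'vbs', 'vbe', 'wsf', 'hta', 'exe', 'scr', 'bat', 'cmd']);
const DOC_EXT = new Set(['doc', 'docx', 'pdf', 'xls', 'xlsx', 'txt', 'jpg']);

function isDeceptiveName(name) {
  const bits = name.toLowerCase().split('.');
  if (bits.length < 3) return false;
  return SCRIPT_EXT.has(bits[bits.length - 1]) && DOC_EXT.has(bits[bits.length - 2]);
}

// Stand-alone run: show what the sample would have handed to eval().
const result = deobfuscate(SAMPLE);
for (const s of result.evaluated) console.log('eval would receive:', JSON.stringify(s));
console.log('file.doc.js deceptive?', isDeceptiveName('file.doc.js'));
```

Run it with `node deobf.js`. The output shows the script building a `Wscript.Shell` string and a `cmd /c ...` command line, which is exactly the kind of thing a reader of the raw, fragmented source cannot see at a glance. The static approach scales only as far as the obfuscator stays at "strings plus concatenation"; once a sample adds decoding routines or string reversal, the same idea still applies, but each transform has to be implemented as a pure function rather than executed.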
