NOW READ THIS
("Security Advisory")
Submitted by: Bill Hickey
NCVA List Master
NRT-0417 MPack Malware Said to be More Dangerous Than Phishing Attacks:
The MPack toolkit, which is used to infect users' computers with malware designed to steal
personal and financial information, is more dangerous than phishing attacks, according to
web security company Finjan. The malware has reportedly led to half a million successful
infections of Trojans out of 3.1 million attempts. According to Finjan, the toolkit is very
"creative" as it can steal bank account information, such as usernames, passwords, credit
card numbers, and social security numbers without leaving a trace and send the data to
criminals via a secure connection to avoid detection. According to an expert, users with
PCs infected by MPack would not notice any changes to their normal browsing experience.
"This form of attack is more dangerous than previous forms of phsishing, which relied on
fraudulent web sites. Because this attack happens on the customers' own PC and is
encrypted, it makes it extremely difficult to detect," said Yuval Ben-Itzhak of Finjan. As
attacks become more evasive and obfuscated, security companies will "find it more
difficult to put their hands on malicious code, analyze it in their labs and create a signature
for it," he said, noting that "antivirus, reputation-based services and URL filtering solutions
are potentially limited in their ability to cope with evasive attacks, which appear once and
then vanish."
(www.itpro.co.uk 31JUL07)