New technology to enable people to withdraw money from cash machines using their smartphone has been unveiled.
Customers who use the Royal Bank of Scotland (RBS) or NatWest mobile banking app can now request cash, up to £100, via their smartphone.
They are given a six-digit code to enter into an ATM to release the cash.
A similar system has been developed by cash machine operator NCR. This requires users to scan a barcode to withdraw the money. Continue reading ATMs to operate without a card
The creators of the Flame malware have sent a “suicide” command that removes it from some infected computers.
Security firm Symantec caught the command using booby-trapped computers set up to watch Flame’s actions.
Flame came to light after the UN’s telecoms body asked for help with identifying a virus found stealing data from many PCs in the Middle East. Continue reading Flame malware makers send ‘suicide’ code
Today, botnets are one of the principal technologies used by cybercriminals. Botnet technologies have been developing for several years, giving rise to decentralized botnets and botnets managed via social networks, with drive-by downloads becoming the principal method of infection. In this respect, 2011 was a relatively uneventful year and cybercriminals came up with nothing radically new. But everything changed in early 2012. Continue reading IT Threat: Q1 2012
On Sunday Microsoft reported that “…some components of the malware have been signed by certificates that allow software to appear as if it was produced by Microsoft.”
This is due to the presence of an an older cryptographic algorithm in Windows Server which may be exploited to make the code appear to be signed by Microsoft.
The algorithm was employed by Terminal Server Licensing Service, which allows for remote desktop access. Microsoft has released an advisory and update to eliminate the security hole that allows certificates to be signed. Continue reading The 5 Worst Computer Viruses
Security experts at CSIS say that they have discovered the smallest online banking trojan yet. Called Tiny Banker (Tinba), the malware is just barely 20KB in size, including its configuration files.
Like Zeus, Tinba uses man-in-the-browser techniques and easily extendable configuration files to manipulate bank web sites via webinjects. Webinjects can be used, for example, to create additional fields for numerical single-use passwords that the attackers can then leverage to authorise fraudulent payments. Tinba can also uncover standard passwords and monitor network traffic.
Tinba is a bot in the classical sense; it uses an encoded connection to deliver data it has collected to a command and control server, which in turn gives the bot new orders. According to CSIS, Tinba has only been used on a very small number of banking web sites so far, but its modular structure means that the perpetrators should not have any problems adding other sites to that list.
Last month, cybercriminals embarked on what quickly became one of the largest-scale malware attacks on Apple computers to date. Their motive was financial: security researchers now estimate that the infected computers made the malware’s creators $10,000 a day. Continue reading Malware for Macs Lucrative, Security Researchers Say