Friday, September 29. 2006
Why did I make a big deal out of the latest MS exploit?
This is why:
[From SANS]
Because Kevin told people about this, that teacher was able to quickly recover all the lost money.
JaBbA says tell your friends: Friends don't let friends get ripped off by using unpatched software.
[From SANS]
Kevin Shea wrote in to report:
Yesterday morning (9/27) when dropping off my son at school, I told his first grade teacher about the VML exploits and patch availability. She said she had computers at home and would call her husband to make sure they were patched.
When my signifigant-other picked him up around 5:30, the teachers were all talking about how her husband checked and found out they were infected with one of the trojans. Their bank accounts had been drained, by electronic withdrawals and money transfers. Since it had occurred the day before, the bank (unknown) was able to reverse the transfers and replace the money in their accounts. They won't even bounce a check.
After receiving the report, I had a few questions and I received a prompt follow-up. What the thieves did with the money was interesting. Most of the funds were transferred out using one of those services where you can wire cash to people. I'm not sure if these were wired to other accounts using the intermediary, of it people actually walked up to a counter to retrieve the funds. They also used funds in this account to purchase background checks at certain people-search/information-broker companies. Most likely this is an attempt to gather further identities in a way that won't tip-off the broker.
Because Kevin told people about this, that teacher was able to quickly recover all the lost money.
JaBbA says tell your friends: Friends don't let friends get ripped off by using unpatched software.
Trackbacks
Trackback specific URI for this entry
No Trackbacks