Guard Privacy & Online Security News & Information


August 1, 2006 17:47 - Spyware And Malware Continues Its Relentless Threats

In its "State Of Spyware Report: Q1 2006", Webroot reports a significant up-turn in adware and overall infection rates along with steady growth in other more malicious and threatening malware. The growth in adware is a surprise after the company had been monitoring a decline in this more benign form of spyware. Here's a summary of the main threats affecting the majority of us...

New Distribution And Hiding Tactics
A trend that was noticeable in 2005 and continues today involves auto-updating technology embedded in spyware programs to avoid detection.

Some of the more malicious spyware writers include code to block outbound Internet connections to the update services for popular antivirus and antispyware scanning engines. By reusing code from viruses and Trojans, and by adopting rootkit-like behavior to hide files, spyware is also becoming more difficult to detect.

Phishing Trojans
The re-emergence of phishing trojans to collect secure information, such as credit card numbers, is attributed to the released source code for common Trojan downloads and new Trojan phishers. These new Trojans include code with rootkit-like functionality making detection more difficult.

Keylogger Sophistication
Keyloggers are increasingly using process-blocking techniques to stop anti-spyware programs from running, and so evade detection.

Adware Tactics Change
As the use of antispyware increases, some adware companies have adopted sophisticated techniques used by malicious spyware writers to evade detection and removal. Frequently, adware will download a toolbar without consent, serving up advertisements and hijacking browser settings.

WebSites Increase Spyware Usage
Webroot identified a further 24,000 Websites hosting spyware during the first quarter of 2006, bringing the total to 427,000.

As spyware increases its sophistication in infection and avoiding detection, not only is it important to use at least two effective antispyware programs, users can also make it more difficult for spyware by ensuring their peripheral protection is up-to-date. Find out more at Review On Spyware And Adware Removal... 5 Key Steps To Spyware Protection.

August 2, 2006 15:28 - What Were The Significant Malware Issues For This Year's Second Quarter?

Kaspersky's review of malware evolution April - June, 2006, has highlighted four areas that gained attention. One, Ransomware, I reported on a couple of days ago. Let's take a look at the other three...

MS Office Vulnerabilities
After the release of Service Pack 2 for Windows XP, which plugged many of the existing vulnerabilities, crackers switched their attention to the secondary modules of Windows. This has now led to the recent critical vulnerabilities with Microsoft Office products, particularly Excel and PowerPoint. The vulnerability is based on how the Office applications work with OLE files and the main exploit is called MS06-12.

When Kaspersky Lab analysts researched the vulnerabilities, it became evident that the same problem was the foundation of all of them. Kaspersky criticises Microsoft for just releasing separate patches for each individual loophole rather than checking all fields of OLE objects (of which there are more than 100).

Polymorphic Scripts
Polymorphism is a term used to describe viruses and how they can be transformed using complex algorithms to make detection difficult.

Over the past few years, virus analysts have been encountering polymorphic code, but at the turn of 2005/2006, polymorphic techniques were even being implemented in script viruses -- known as worms. This was something never encountered before.

The result was that during the first six months of 2006, polymorphic email worms, such as Feebs and Scano, spread actively and posed a serious threat. The worms spread via email as an encrypted JavaScript file attached to infected messages, appearing as a standard HTML page. The majority of users do not view HTML pages as executable, nor as objects which potentially contain malicious code.

Kaspersky go on to say that there are difficulties in creating detection for such viruses.
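Because the encrypted body of such a worm differs from copy to copy, a mail filter can key on the structural property described above, an HTML attachment that carries script, rather than on a byte signature. The following is an added example, not code from Kaspersky or from the original post; the policy, the function names and the sample message are all constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage
from html.parser import HTMLParser

# Calls commonly used by a script to unpack and run an encoded payload.
DECODER_HINTS = ("eval(", "unescape(", "document.write(", "fromCharCode(")

# Constructed, harmless sample: the "decoder" only writes the text "Hi".
SAMPLE_HTML = (
    b'<html><body onload="go()">'
    b'<script>function go(){document.write(unescape("%48%69"))}</script>'
    b'<a href="javascript:go()">open</a></body></html>'
)


class ActiveContentFinder(HTMLParser):
    """Collects script-capable constructs found in one HTML document."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self._in_script = True
            self.findings.append("script-element")
        for name, value in attrs:
            # Coarse rule: any on* attribute is treated as an event handler.
            if name.startswith("on"):
                self.findings.append("event-handler:" + name)
            elif value and value.strip().lower().startswith("javascript:"):
                self.findings.append("javascript-url:" + name)

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if not self._in_script:
            return
        for hint in DECODER_HINTS:
            if hint in data:
                self.findings.append("decoder-call:" + hint.rstrip("("))


def scan_message(raw_bytes):
    """Return {part name: sorted findings} for HTML parts with active content."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    report = {}
    for part in msg.walk():
        if part.is_multipart():
            continue
        filename = part.get_filename() or ""
        # Judge by declared type OR by file extension: the attachment may be
        # labelled application/octet-stream and still open in the browser.
        is_html = (part.get_content_type() == "text/html"
                   or filename.lower().endswith((".htm", ".html")))
        if not is_html:
            continue
        payload = part.get_payload(decode=True) or b""
        try:
            text = payload.decode(part.get_content_charset() or "utf-8",
                                  errors="replace")
        except LookupError:  # unknown charset label in the message
            text = payload.decode("utf-8", errors="replace")
        finder = ActiveContentFinder()
        finder.feed(text)
        finder.close()
        if finder.findings:
            report[filename or "(inline body)"] = sorted(set(finder.findings))
    return report


def build_sample(html):
    """Build a constructed message with `html` attached as a generic file."""
    msg = EmailMessage()
    msg["From"] = "sender@example.test"
    msg["To"] = "user@example.test"
    msg["Subject"] = "Constructed sample"
    msg.set_content("See the attached page.")
    msg.add_attachment(html, maintype="application", subtype="octet-stream",
                       filename="secure-message.html")
    return msg.as_bytes()


if __name__ == "__main__":
    for name, findings in scan_message(build_sample(SAMPLE_HTML)).items():
        print(name, findings)
```

A gateway using a rule like this would typically quarantine or strip the flagged attachment rather than try to decode it.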

Proofs Of Concept
Currently, virus writers seem to be suffering from a lack of inspiration and are using older, almost forgotten technologies more and more frequently. In order to infect the greatest numbers of users, malware writers use proofs of concept... programs or approaches which may not be widely used in the future, but which still mean that antivirus companies have to respond appropriately to the new potential threat.

The most dangerous proof of concept this quarter was, without a doubt, the Yamanner worm, one of a very small group of worms which use a unique propagation method.

The worms do not need to penetrate the victim's machine in order to infect them. The malicious code simply has to be activated in one way or another, either by the user viewing the message within the browser, or by visiting a site which contains the malicious code.

In June 2006 almost 200 million users of Yahoo! Mail were potential victims of such a worm. Yamanner is interesting in that the user does not have to do anything except open an email using the Yahoo! Mail web interface in order for the malicious code to be activated.

Kaspersky closes by saying, "It's clear that the boundary between personal computers and internet resources has long since been destroyed; a computer may not contain the body of a virus, but you may still be involved in propagating malicious code simply by updating your blog or reading your mail. This is clearly a threat which will be significant in the future."

August 3, 2006 15:55 - Flaw Could Leave Wireless Users Open To Worm

Ensure you are running the latest security patches, following the announcement of vulnerabilities in Intel Centrino's wireless connection. The flaws could, theoretically, allow hackers to spread malicious code wirelessly between computers.

In a statement, Intel said the security vulnerabilities exist in the Microsoft Windows drivers for certain versions of their Wireless Network Connection hardware.

Find Out If You Are Affected
If you want to see whether your hardware is affected, Intel have a tool that will help you identify your wireless adapter.

They also provide more information about the vulnerabilities and the hardware potentially affected.

Sophos, a security company, carried this report and Graham Cluley, their senior technology consultant, said, "A hacker could exploit these wireless vulnerabilities to run malicious code on an innocent user's computer, giving them control over other people's PCs or spreading a wireless worm which could leapfrog from one laptop to the next. The good news is that we haven't seen any attacks using this exploit yet, but that doesn't mean computer users should be laid back about applying fixes."

Although Intel has published generic updates to its software on its website, which reportedly fix the issue, the company is recommending that users contact their laptop manufacturers for vendor-specific information and fixes.

August 4, 2006 16:13 - Firefox Browser Increasingly A Target

Readers of the articles on my website will know that I've been recommending, for security reasons, switching from the Internet Explorer browser to Mozilla's Firefox. However, as the share of the browser market has increased for Firefox and corporate bodies have adopted it, malware attackers have been lining up their sights on this browser.

Now, Technewsworld are reporting that users are advised to start treating Firefox with the same level of security preparedness they used to reserve only for IE. The reason? Crackers used Firefox in an attack last week that utilized software that could capture personal information, such as credit card numbers and passwords.

According to Dave Cole, director of the Symantec Security Response group, Symantec detected Infostealer.Snifula, which downloads malicious Trojans onto a user's computer and can subsequently steal any information the user types into a form on the Web. Only a few months ago, crackers attacked Mozilla browsers with the JavaScript-based JS.Ffsniff, Cole added.

Mike Schroepfer, vice president of engineering for Mozilla, responded by saying, "While this malware is trying to mask itself by corrupting a Firefox installation, it is no different from any other malware that a user might be tricked into installing from a spam email or malicious Web site."

He encouraged consumers to be careful when installing software from unknown sources, especially files linked or attached to e-mails, and said the company will continue working closely with antivirus vendors.

I also advise you to install the new Firefox update in response to this attack at Mozilla.

August 7, 2006 16:59 - Google Warns Of Unsafe Sites

If you are using the Google search engine and happen to follow a link through to a website that contains malware -- malicious code -- then Google will now be responding with a pop-up warning you of the potential risk.

The initiative comes out of Google's involvement with the Stop Badware Coalition, a project cataloguing programs that plague people with unwanted ads, use spyware or steal personal data.

The Stop Badware Coalition is led by Harvard University and the University of Oxford, and is sponsored by Sun Microsystems, Chinese computer manufacturer Lenovo and Google.

The StopBadware home page states that the Google warning links to a general page on StopBadware.org but will soon link to an individual website report page detailing the malware we're likely to encounter.

I decided to give this a try... I went to and entered with a search for Now, StopBadware.org/blog had reported their first website report was about the malware that is wrapped up in the themes and wallpaper and that can be downloaded from ThemeXP to your computer. It also features the analysis of this site as an example of what we'll be getting in the future -- individual reports on websites carrying malware.

So, having got the results of my search and clicking on one of a selection of links, what happened? Well, Google dutifully dropped me off at the site to leave me without any warning in the clutches of the hidden malware waiting to get at my computer.

Maybe the announcement is a little ahead of reality?

August 8, 2006 16:25 - Microsoft Vista Gets Hacked By Blue Pill

Microsoft invited attendees at the Black Hat hacker conference last week to have a shot at their new, upcoming Vista operating system.

Microsoft want to back up their claims that Vista will be the most secure and malware-proof system on the market. But, unfortunately for them, Polish researcher, Joanna Rutkowska, demonstrated that the security systems in Vista can be sidestepped by using a piece of malicious software that she named "Blue Pill".

Blue Pill
I reported last month that Rutkowska, who works for Coseinc, promised to demonstrate "Blue Pill" at the SyScan conference -- and she certainly picked a high profile candidate! Rutkowska told attendees how to use virtualization technology to develop malicious code that is undetectable, much like a rootkit.

Microsoft had designed Vista to block unsigned driver software from running on the 64-bit version of Vista, but Blue Pill bypasses the shield. A Microsoft employee at the conference put on a brave face to say, "Microsoft is investigating solutions for the final release of Windows Vista to help protect against the attacks demonstrated." He added that, "the company is working with our hardware partners to investigate ways to help prevent the virtualization attack used by the Blue Pill".

Vista needs to be running in administrator mode to launch the attack. Microsoft's User Account Control, a Vista feature designed to run a PC with few user privileges, would prevent Rutkowska's attack. Once she got past the User Account Control, Rutkowska demonstrated a way to create the stealthy Blue Pill malware. Her technique relies on Pacifica, a Secure Virtual Machine from AMD.

August 9, 2006 17:19 - One In Three Of Us Falls Victim To CyberCrime... At A Cost Of $8 Billion

American consumers spent at least $7.8 billion to correct problems resulting from viruses and spyware. This vast sum was spent on computer repairs, parts, and replacement over the past two years, according to the 2006 Consumer Reports State of the Net. There's not only the cost... there's also the fact that one in three of us will be a cybervictim!

Summary Of The Findings
Here's a summary of what the survey found from a sample of more than 2,000 households with Internet access:
  • 29 percent said a virus, spyware, or phishing scam caused serious computer problems and/or financial losses.
  • 20 percent of the households surveyed didn’t have antivirus software installed.
  • Thirty-five percent didn’t use software to block or remove spyware.
  • Consumers continued to buy products advertised through spam.
  • The study projected that about 2.4 million U.S. households with broadband, who are hackers’ prime targets, remain unprotected by a firewall.
How To Protect Against These Risks
Consumer Reports stated that there were several dedicated products that offer very good or excellent protection against each of viruses, spyware, and spam.

The report warned that software suites, which try to protect against the same three hazards within a single package, weren’t usually as successful.

Readers of my website already know that security suites can't compete with the best of the individual software programs for firewall, antivirus, antispyware and antispam. To find out more about the best of these products, take a look at Guard Privacy & Online Security.

August 10, 2006 17:45 - Critical Flaw Patches Issued For Windows, IE And PowerPoint

Microsoft has released security updates for 23 security vulnerabilities in its software. 15 were rated "critical" -- Microsoft's highest severity rating -- indicating that an attacker could exploit them without any user interaction. Attackers are already actively exploiting 11 of the vulnerabilities.

The number of critical flaws currently has surpassed the total number of patches for both 2005 and 2004. The current flaws affect Outlook, PowerPoint, Internet Explorer, and Windows, among others. Here are examples of the patched vulnerabilities...

  • Internet Explorer Web browser -- resolves several vulnerabilities that could allow outside attackers to take over a computer via remote code execution attacks. Although Firefox isn't immune to attacks, in my view its safety record still surpasses IE... at least until we see the final version of IE7.
  • Outlook Express e-mail software also involves a flaw that could allow machines to be compromised through remote code execution attacks, allowing attackers to log on with full administrator privileges.
  • There was a fix to address a vulnerability in the software's server service that could allow for remote code execution
  • The PowerPoint presentation software, and Microsoft Visual Basic for Applications, were both issued patches for flaws which could leave computers open again to remote code execution attacks. Office applications have been a regular target for so-called zero-day attacks.

August 11, 2006 14:53 - Google Warns Of Government Privacy Intrusion

Commenting on the news that AOL had accidentally released the search histories of 658,000 of its users, Google said that government intrusion -- not accidental public disclosures of data -- is the biggest threat to online privacy.

The comments came from Google CEO Eric Schmidt, who was attending the industry conference, Search Engine Strategies, in San Jose, California. Schmidt said government demands for companies' data on Web users pose a more serious threat to user privacy.

He said the firm has put in place all necessary safeguards to protect its users' personal data from theft or accidental release. The security system put in place would make it difficult, if not impossible, to steal customer data, he added.

Calls For Protective Legislation
The news of AOL's accidental release of its users' information has renewed calls for federal legislation to guard the privacy of consumers online.

Representative Edward Markey urged his colleagues to take action on privacy legislation he proposed in February of this year. Markey's bill, the Eliminate Warehousing of Consumer Internet Data Act (EWOCID), would require Internet companies to destroy obsolete electronic data, particularly data that could be used to individually identify consumers.

Markey's bill has stalled in committee since it was introduced, and there is no indication from the Republican leadership in the House as to when any action will be taken on the bill.

August 14, 2006 18:39 - New Worm Attacks Windows Vulnerability - Did You Patch?

Security experts have worried that the Windows Server service vulnerability, which was patched in Microsoft Security Bulletin MS06-040, could be used in a widespread worm attack. The first worm to exploit this vulnerability has now been released, according to H.D. Moore, who leads the Metasploit Project, where it was discovered.

"It works very reliably against Windows 2000 and Windows XP systems that do not have SP2 installed," he said.

DHS Warning
The worm is known as Win32/Graweg and last week the US Department of Homeland Security (DHS) issued an alert asking Windows Operating System users to apply security patches released by Microsoft as quickly as possible. It was feared that if left unpatched, the MS06-040 vulnerability could leave computers open to worm attacks similar to the MSBlast worm which hit hundreds of thousands of computers worldwide in 2003.

The DHS warned, "This vulnerability could impact government systems, private industry and critical infrastructure, as well as individual and home users."

Microsoft Plays It Down
However, Microsoft said the threat associated with the latest Win32/Graweg worm was ranked as "Low" and was unlikely to have a widespread impact because it could not self-replicate. However, it has advised any affected customers to contact a local FBI office or the national law enforcement agency in their country.

Several other software holes patched by Microsoft last week, including a PowerPoint vulnerability, have already been used in cyber attacks.

Get Your Patches
So, if you haven't updated Windows with the new patches, take these warnings seriously and get your updates from Microsoft now.

Better still, if you've got an automatic update facility but haven't got it switched on, then switch it on now and you'll receive Windows security patches as soon as they're released. If you're not sure how to find out if your machine has automatic updates and how to switch them on, then...
  • Click Start, and then click Control Panel
  • Depending on which Control Panel view you use, Classic or Category, do one of the following:

    -- Click System, and then click the Automatic Updates tab
    -- Click Performance and Maintenance, click System, and then click the Automatic Updates tab

  • Click the option that you want. Make sure Automatic Updates is not turned off.

August 15, 2006 15:16 - Movieland Faces Spyware And Bully Tactics Lawsuit

Washington State is suing the owners of Movieland, alleging that the company used spyware to bully users into signing up for its paid movie download service.

According to IDG News, consumers who downloaded Movieland's free three-day trial software were eventually hit with frequent pop-up ads informing them that they were legally obliged to purchase the product, said Paula Selis, an assistant attorney general with the state. The tactics forced some consumers to give in and pay between US$19.95 and $100 for the service, she said.

Though the company's free trial software does advise users that they will be obliged to purchase a monthly license if they do not cancel, this notice does not sufficiently explain what will happen if the software is installed, Selis said.

Washington State, the U.S. Federal Trade Commission and the Better Business Bureau have received thousands of consumer complaints about Movieland, dating back to the end of 2005, Selis added. She also said, "We sued them because we were getting complaints from consumers who felt that they were being harassed and held over a barrel for payments that they didn't agree to make."

As spyware increases its sophistication in infection and avoiding detection, not only is it important to use at least two effective antispyware programs, users can also make it more difficult for spyware by ensuring their peripheral protection is up-to-date. Find out more at Review On Spyware And Adware Removal... 5 Key Steps To Spyware Protection

August 16, 2006 17:14 - Police Soon Able To Demand Encryption Keys To Unlock Computers

Earlier this summer, the UK government announced that it plans to activate Part III of the Regulation of Investigatory Powers Act (RIPA), which will give the police the power, in some circumstances, to demand an encryption key from a suspect if they cannot gain access to the suspect's encrypted computer files.

ZDNet have reported that police claim hundreds of computers belonging to suspected terrorists or paedophiles are gathering dust as investigators are unable to decrypt the data on their hard drives.

However, the introduction of RIPA to crack down on criminals using encryption to hide their tracks could also leave users open to new forms of electronic attacks against which they have to guard privacy, according to one expert. Caspar Bowden, former director of the Foundation for Information Policy Research (FIPR), warned that introduction of the legislation could lead to a new wave of cyber attacks.

He postulated that criminals could create malware that could change the encryption key or password on a user's machine. This malware would then delete itself and the criminals could threaten to tip off the police about the encrypted data, claiming it was information about criminal activity.

Without the key, which the program deletes or changes, innocent users could find they have to defend themselves against this sort of blackmail.

Similarly, criminals could use these viruses against themselves, claiming "a virus ate my password" as an excuse for not providing the encryption key, Bowden argued.

August 17, 2006 18:06 - Dell's Laptop Battery Recall In Perspective

Anyone reading about the recall of laptop batteries by Dell will conjure up pictures of their laptop bursting into flames.

However, as PC Mag reports, Dell has had six incidents of laptops catching fire, out of the 4.1 million units affected. Sure, that's alarming but let's get it into perspective... your chances of being affected are pretty remote. So what's causing the problem...

The Cause Of The Problem
According to Roger Kay, an analyst and principal at Endpoint Technologies, "The problem was within the manufacturing process of the cell itself. Sony apparently had a tool that crimped the metal casing and in the process, some shards were created in the metal that occasionally would fall into the cathode or anode."

Kay added that some of the fires were caused by the laptop being banged, resulting in the shards piercing the isolator between the cathode and anode. This, in turn, caused the cathode and anode to come into contact, making a short circuit, and starting a fire. So, if your Dell is not getting knocked around, your machine won't fail in this way.

Is Anyone Else Affected?
This problem is not just limited to Dell laptops or even the faulty Sony batteries that Dell uses. It's an issue that has plagued lithium-ion batteries and the consumer electronics that depend on them.

The Dell recall is the largest-scale consumer-electronics recall seen... but it probably won't be the last. According to Kay, the same issues that affected Dell may affect any number of laptop manufacturers. So, don't be surprised if more recalls are to follow.

August 18, 2006 16:47 - Survey Shows 89 Percent Of Consumer PCs Are Infected With Spyware

Despite all the publicity about the dangers of spyware, computer infection is still increasing. Webroot spyware scan data from its "State Of Spyware Q2, 2006" report, shows that 89 percent of consumer PCs are infected with spyware. In the United States, home computers are infected with an average of 30 pieces of spyware.

The report points out that spyware is costly for home computer users – wiping out savings accounts, stealing identities and damaging computers. For instance, a Bank of America customer lost almost $90,000 when a Trojan horse captured his password and login information. Bank of America denied responsibility and has refused to reimburse the customer for his loss.

Why Are Home Users Particularly Affected?
Although there is an increase in the use of antispyware, home users' protection from malware needs to be improved. The report points out that users should research which programs are the most effective at detecting and removing spyware. It is also now recognized that more than one spyware remover is necessary... no one program will remove all spyware.

It's also no use consumers relying on antivirus programs for spyware protection. Most anti-virus programs do not effectively detect and remove malicious spyware and the more complex adware threats, especially spyware programs that use encryption techniques and compressed algorithms.

The report also takes a swipe at users who guard privacy and security on the cheap by using free antispyware...

Free Antispyware Doesn't Cut The Mustard
Spyware writers are constantly modifying their programs and installation methods to avoid detection by using rootkits and driver-level technology to hide from anti-spyware.

The report says that many free anti-spyware programs simply aren't capable of finding these sophisticated spyware programs. As the Webroot Threat Research team discovered with a particularly malicious program -- “Trojan-Phisher-Rebery” -- online criminals use malicious Web sites, common software vulnerabilities, and keylogging software to harvest information from unsuspecting Web surfers.

Threats To Home Users Widen
Home computer users now have to face the fact that they can become infected by visiting mainstream Web sites. An example is MySpace, where spyware writers create false profiles to target the large base of teenagers and young adults using this popular Website.

Spammers also now use spyware to make their e-mail campaigns more successful.

What Is The Best Protection?
As spyware increases its sophistication in stealth installation and detection avoidance, not only is it important to use at least two effective antispyware programs, but users should also make it more difficult for spyware by ensuring their peripheral protection is up-to-date. Find out more at Review On Spyware And Adware Removal

August 21, 2006 17:12 - Inside The Workings Of A Botnet

When a researcher found a variant of the Mocbot Trojan hijacking unpatched Windows machines for use in IRC-controlled botnets, he looked to find a motive for the attacks.

Joe Stewart, a senior security researcher with LURHQ's Threat Intelligence Group, set up a way to silently observe the botnet's command-and-control infrastructure. His findings suggest that for-profit spammers are clearly winning the game against anti-virus providers.

"The lesson here is once you get infected, you are completely under the control of the botmaster. He can put whatever he wants on your machine, and there's no way to be 100 percent sure that the machine is clean," Stewart said in an interview with eWEEK. He added, "The only way to be sure the system is malware-free is to completely wipe the hard drive and reinstall the operating system."

The Motive Is Spam For Profit
After decoding some simply encrypted server code, he found that the botmaster was telling the infected machines to join another control channel to receive another encrypted message.

When this was decoded further, Stewart found that the command was an instruction to download and execute a second file, a spam proxy Trojan named Win32.Ranky.fv. "The entire scheme of mass infection is simply to facilitate the sending of spam. The proxy Trojan is also a bot of sorts, reporting in to a master controller to report its IP address and the socks port for use in the spam operation," Stewart said.

The spam e-mails, being despatched from infected Windows desktops, represented a range of the typical junk mail. "It looks like this was a small, targeted attack for one simple reason. They wanted to stay under the radar. This is all about setting up small botnets and making money from spam. They could be the spammers themselves or the guys doing the dirty work and then renting the botnets to spammers," he said.

AntiVirus Fails To Detect Trojan
In the initial stages of the Mocbot attack, only one-third of anti-virus scanners tested by Stewart's research team were detecting the malware. "This was just a minor variant of something that was out there for months but the majority of scanners were missing it," he said.

"In this case, it was a spam proxy Trojan, but what if it was a rootkit? The rootkits are getting so good these days that the programs we typically rely on to find and clean machines just can't see them. There is still the possibility that the spammers could slip in a rootkit to hide things forever," he said.

For more information on botnets, take a look at Botnets And Your Zombie PC Fix

August 28, 2006 20:20 - Adware And Spyware Fuelled By Financial Incentives

McAfee research shows that adware and spyware distributors not only abuse the affiliate marketing programs of legitimate companies, but also use front companies and Web sites to reach unsuspecting users. This means that legitimate sites are finding themselves tied to known spyware distributors.

Programs are installed on a user's machine, often as the trade-off for 'free' software, and are used to collect marketing data and to distribute targeted advertising.

The main research findings were...
  1. According to McAfee SiteAdvisor, celebrities are a big attraction and the most prolific distributors of adware are the star and celebrity Web sites.
  2. Adware and spyware are increasing at an exponential rate. By May 2006, there were more than 700 adware families with more than 6,000 variants. Patrick Hayati, Regional Managing Director Middle East, McAfee, Inc. said, 'Since 2003, when adware and spyware emerged as dominant threats in the security environment, to 2006, we have seen the number of adware families rise by 448%, demonstrating a sharp increase over the last several years.'
  3. A recent survey by McAfee SiteAdvisor found that 97% of Internet users could not differentiate safe from unsafe sites, meaning that the majority of users are just one click away from downloading potentially unwanted programs.

August 31, 2006 13:12 - 19,000 AT&T Customers Have Their Financial Details Stolen

The country's largest telecommunications operator, AT&T, said that crackers broke into one of its computer networks and stole credit card data and other personal information from several thousand customers.

The attack was discovered "within hours," the company said, prompting a shutdown of the store. No other parts of AT&T's site were affected.

AT&T said it was notifying "fewer than 19,000" customers by e-mail, phone and letter, whose data was accessed during the break-in. The company is also working with law enforcement officials and has notified financial services companies whose customers were affected.

So far, there is no indication that the hackers have used the financial information fraudulently, but AT&T said it would pay for credit monitoring services to assist in protecting the customers involved.

The company also said they are employing forensic teams to understand how the store was compromised.

Greg Wood, chief technology officer for BioPassword, a security authentication company said, "If the largest telecom company in the U.S. is having trouble, what does it say about the state of e-commerce in general?" Wood added, "We have a decent start on security, but there's a lot of work ahead. Companies have to be diligent managing risk and consumer identities."

Learn more about identity theft and how to protect yourself
