trojan tricks victims into transfering funds

[Rome0]

Source: http://krebsonsecurity.com/

It’s horrifying enough when a computer crook breaks into your PC, steals your passwords and empties your bank account. Now, a new malware variant uses a devilish scheme to trick people into voluntarily transferring money from their accounts to a cyber thief’s account.

The German Federal Criminal Police (the “Bundeskriminalamt” or BKA for short) recently warned consumers about a new Windows malware strain that waits until the victim logs in to his bank account. The malware then presents the customer with a message stating that a credit has been made to his account by mistake, and that the account has been frozen until the errant payment is transferred back.

When the unwitting user views his account balance, the malware modifies the amounts displayed in his browser; it appears that he has recently received a large transfer into his account. The victim is told to immediately make a transfer to return the funds and unlock his account. The malicious software presents an already filled-in online transfer form — with the account and routing numbers for a bank account the attacker controls.

Another one good sheme with webinjects/autotransfer into botnet world

 

[Ninja]

Its pretty old idea, but good implementation.

 

[sergaj]

I want to install a botnet too.

 

[Rome0]

Its pretty old idea, but good implementation.

True .
But that always on Old plate we do the best meal