February 23, 2011

OddJob Can Rip You Off

Cybercriminals in Eastern Europe have a new weapon to steal from your online bank accounts. It’s called  OddJob, and unlike other conventional hacking tools, it doesn’t need to log in to your online bank account to steal from it. Instead, it hijacks your Microsoft Internet Explorer or Mozilla’s Firefox online banking session in real-time and steals so-called ID tokens while you’re using it.

The tokens are electronically issued by your bank to identify your online banking session. The crooks steal the tokens, put them into their own browsers so they can impersonate you while you’re still active online, and then they can do whatever you can do.

Oddjob can even keep your online banking session active after you’ve logged out so they take your money even after you think the session has ended.

The program can detect logout attempts and delete them, but you won’t notice the failed logout. Interestingly, the program doesn’t save it’s configuration on your computer. A new copy is downloaded when you go online so virus and malware programs never see it.

So here’s a tip to avoid being ripped off: if it seems your bank server is sluggish don’ t just close the bank page or shut down your browser — the session is still alive and you’re being ripped off. Call your bank immediately, ask for online security and tell them what’s happening.

Oddjob can be programmed to do other things on the Websites it targets in addition to ‘just’ stealing session information. It still being developed, apparently, because new features are added almost every week, but it can already also grab full pages of account data and inject malicious code into bank sites.

Related Posts

  1. Work At Home Scam Busting - 21 Signs of a Rip Off
0 Comment | Add a Comment | Tags:, , , , , , | Permalink

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>