Massive bank cyberattack planned

Security firm McAfee on Thursday released a report warning that a massive cyberattack on 30 U.S. banks has been planned, with the goal of stealing millions of dollars from consumers’ bank accounts.

RSA startled the security world with its announcement that a gang of cybercriminals had developed a sophisticated Trojan aimed at funneling money out of bank accounts from Chase (JPM, Fortune 500), Citibank (C, Fortune 500), Wells Fargo (WFC, Fortune 500), eBay (EBAY, Fortune 500) subsidiary PayPal and dozens of other large banks. Known as “Project Blitzkrieg,” the plan has been successfully tested on at least 300 guinea pig bank accounts in the United States, and the crime ring had plans to launch its attack in full force in the spring of 2013, according to McAfee, a unit of Intel (INTC, Fortune 500). (McAfee was founded by John McAfee, who is wanted for questioning as part of a Belize murder investigation, but he no longer has any ties to the company.) Continue reading

Pentagon Attacked by Computer Virus

A computer virus that destroys documents and spreads to other networks recently infected computers at the Pentagon, the Defense Information Systems Agency (DISA) said on Thursday.

One of the Pentagon’s hundreds of networks “recently identified an infection after having issues opening Word and Excel documents,” DISA said in a statement.

Dmitri Alperovitch, a computer security specialist, told the Free Beacon, that the sophisticated attack software most likely originated from a foreign government, possibly China.

According to an Aug. 31 McAfee threat alert, the virus has two names: W32/XDocCrypt.a, and W32/XDocCrypt.b, that “parasitically infects” Microsoft Office Word, Excel, and related executable files.

The virus appears to be designed to destroy or disable documents by first encoding its contents using an encryption program, and then replacing the document with a malicious software file that the encrypted data attached to it. The original data is eventually deleted if the infection is not detected and steps are not taken to recover the documents.

The virus also replicates itself and spreads to other computers.

“The infection routine searches for files with ‘.doc’, ‘.xls’ or ‘.exe’ in the file name, and tries to infect them,” the report said.

To prevent digital infections, the security firm recommended blocking five Internet addresses: 184.82.162.163, 184.22.103.202, attow.com.br, http://www.zugo-bikes.com, forum.perfect-privacy.com.

Full article: Pentagon Attacked by Computer Virus (Washington Free Beacon)