from the malware-arms-race dept.
Weblver1 writes "A recent report by web security firm Finjan shows how easily data can be accessed on PCs by malware which circumvents existing defenses. With the use of obfuscated code, antivirus
software and static Web filters could not identify the scrambled attack code as a threat. The report walks through a real-life scenario of the infection
process step-by-step, and tracks what happens to the stolen data. This demonstrates how stealing sensitive data has become unbearably easy — especially, given the abundance of easy-to-use DIY crimeware toolkits. Finjan's report is available
here (PDF, registration required). Shortly after this report, Security firm RSA has released their findings
of a huge amount of stolen 'virtual wallets' in one of the largest discoveries of stolen data from computers compromised by the Sinowal trojan. While the trojan can be traced back to 2006, it managed to become more productive over time with frequent variants. Given the scale, ease of use, and hiding techniques making infections extremely difficult to find, no wonder today's crimeware achieves such 'impressive' results."
"Only a brain-damaged operating system would support task switching and not
make the simple next step of supporting multitasking."
-- George McFry