Saturday, November 1, 2008

Trojan virus steals banking info

By Maggie Shiels
Technology reporter, BBC News, Silicon Valley

Computer keyboard
Sinowal infects victims' computers without leaving any trace

The details of about 500,000 online bank accounts and credit and debit cards have been stolen by a virus described as "one of the most advanced pieces of crimeware ever created".

The Sinowal trojan has been tracked by RSA, which helps to secure networks in Fortune 500 companies.

RSA said the trojan virus has infected computers all over the planet.

"The effect has been really global with over 2000 domains compromised," said Sean Brady of RSA's security division.

He told the BBC: "This is a serious incident on a very noticeable scale and we have seen an increase in the number of trojans and their variants, particularly in the States and Canada."

The RSA's Fraud Action Research Lab said it first detected the Windows Sinowal trojan in Feb 2006.

Since then, Mr Brady said, more than 270,000 banking accounts and 240,000 credit and debit cards have been compromised from financial institutions in countries including the US, UK, Australia and Poland.

The lab said no Russian accounts were hit by Sinowal.

"Drive-by downloads"

RSA described the Sinowal as "one of the most serious threats to anyone with an internet connection" because it works behind the scenes using a common infection method known as "drive-by downloads"."
sinowal trojan graph from rsa lab
Sinowal has been constantly updated with new variants

Users can get infected without knowing if they visit a website that has been booby-trapped with the Sinowal malicious code.

Mr Brady said the worrying aspect about Sinowal, which is also known as Torpig and Mebroot, is that it has been operating for so long.

"One of the key points of interest about this particular trojan is that it has existed for two and a half years quietly collecting information," he said. "Any IT professional will tell you it costs a lot to maintain and to store the information it is gathering.

"The group behind it have made sure to invest in the infrastructure no doubt because the return and the potential return is so great."

RSA's researchers said the trojan's creators periodically release new variants to ensure it stays ahead of detection and maintain "its uninterrupted grip on infected computers."

While RSA's lab has been tracking the trojan since 2006, Mr Brady admitted that they know a lot about its design and infrastructure but little about who is behind Sinowal.

"There is a lot of talk about where it comes from and anecdotal evidence points to Russia and Eastern Europe. Historically there have been connections with an online gang connected to the Russian Business Network but in reality no one knows for sure."

That he said is because the group is able to use the web to cloak its identity.


In April 2007, researchers at Google discovered hundreds of thousands of web pages that initiated drive-by downloads. It estimated that one in ten of the 4.5 million pages it analysed were suspect.

Sophos researchers reported in 2008 it was finding more than 6,000 newly infected web pages every day, or about one every 14 seconds.
Debit card and cash
Since May, Sinowal has compromised over 100,000 online bank accounts

RSA's fraud action team said it noticed a spike in attacks from March through to September this year.

That is backed up by another online security company called Fortinet. It said from July 2008 to September 2008 the number of reported attacks rose from 10m to 30m. This included trojans, viruses, malware, phishing and mass mailings.

"The explosion in the number of attacks is alarming," said Derek Manky of Fortinet.

"But trojans are just one of the players in the game wreaking havoc in cyberspace."


While attacks are on the increase, there are some simple steps that users can take to protect their information besides using security software.

"We have a saying here which is 'think before you link,'" said Mr Manky.

"That just means observe where you are going on the web. Be wary of clicking on anything in a high traffic site like social networks.

"A lot of traffic in the eyes of cyber criminals means these sites are a target because to these people more traffic means more money," he said.
sinowal trojan raph from rsa lab
The rate at which Sinowal has been compromising online bank accounts

RSA also urged users to be wary if their bank started asking for different forms of authentication such as a social security number or other details.

"People think not clicking on a pop up or an attachment means they are safe. What people don't realise now is that just visiting a website is good enough to infect them."

RSA said it is co-operating with banks and financial institutions the world over to tell them about Sinowal. It has passed information about the virus to law enforcement agencies.

2,390 Chinese infants still in hospital over milk scandal

BEIJING, Oct. 29 -- China's Ministry of Health said Wednesday that 2,390 infants nationwide were still receiving hospital treatment for kidney diseases caused by tainted powdered milk.

One was in a serious condition, the ministry said.

The number of baby patients in hospital dropped by one-third from a week ago when more than 3,600 infants were still hospitalized.

It said 48,514 children had recovered and left hospital since milk powder produced by Sanlu Group was found to contain the banned chemical melamine in mid September.

On Wednesday alone, 90 children were newly hospitalized and 218had recovered, the ministry said.

More than 4,500 medical institutions nationwide had conducted free treatment and examination of children feared to have been poisoned in the scandal.

FDA approves new drug to treat overactive bladder

WASHINGTON, Oct. 31 -- The U.S. Food and Drug Administration has approved a new drug, Toviaz (fesoterodine fumarate), to help patients suffering from overactive bladder (OAB), according to a statement by the agency on Friday.

The drug works by relaxing the smooth muscle tissue of the bladder, thus reducing the urinary frequency, urge to urinate, and sudden urinary incontinence, that are characteristic symptoms of OAB.

"Patients who suffer from overactive bladder face quality of life issues that can hamper their ability to enjoy life to its fullest," said George Benson, deputy director, Division of Reproductive and Urologic Products at the FDA's Center for Drug Evaluation and Research. "This new drug will provide an additional treatment option to help them manage problems with an overactive bladder."

Toviaz is manufactured by Schwarz Pharma of Zwickau, Germany and is distributed by Pfizer Inc. of New York, N.Y.. The drug will be available by prescription only, as an extended release tablet in either 4 mg or 8 mg dosage strengths. It is to be administered once daily. The recommended starting dose is 4 mg, which can be increased to 8 mg if needed, based upon individual response and tolerability. Toviaz is only approved for adults.


Simple blood test predicts obesity

WASHINGTON, Oct. 31 - According to new research by U.S. scientists, the degree of change in blood triglyceride levels following a fatty meal may indicate susceptibility to diet-induced obesity.

The findings, published in the International Journal of Obesity and available here on Friday, open doors to new methods of identifying people, including children, who are at risk for becoming obese.

Triglycerides are a form of fat that is transported in the blood and stored in the body's fat tissues. They are found in foods and also are manufactured by the body.

"These findings suggest we may someday be able to use a simple blood test to identify those at risk for obesity," said senior author Mark Friedman, the researcher at Monell Center. "The ability to identify more susceptible individuals would make it possible to target obesity-prevention resources on those who need them most.

The global obesity epidemic is thought to be caused in part by consumption of a diet high in fat and carbohydrates, which promotes weight gain. This propensity to gain weight and become obese when consuming a high-fat diet is at least partially controlled by genes, with some individuals gaining more than others while eating the same diet.

The researchers screened rats for vulnerability to diet-induced obesity by measuring the increase in blood triglyceride levels following a single high-fat meal. They then fed the rats a diet high in fat over the next four weeks.

They were able to predict which animals would become obese over the four-week period by examining the earlier metabolic response to the high-fat meal: the smaller the triglyceride change, the greater the weight gain.

There currently are no simple biomarkers for predicting susceptibility to diet-induced obesity, and thus no clinical tests that assist physicians in identifying those at risk for becoming obese. The current findings suggest that a change in blood triglyceride levels may someday be used as such a tool.

Future studies will entail a thorough investigation of the mechanism behind differences in the change in blood triglycerides.

Tuesday, October 28, 2008

Neang Koy and Krem