Monday, January 22, 2007

Nordea subject to phising attack (loses $1.14 million)

Automatiseringsgids and Itwire report that criminals have robbed Nordea by sending a 'security-mail' to clients, asking them to use anti-spam-software. This software installed an additional trojan horse (haxdoor.ki) that harvested the customer's login data when they logged on to Nordea. By harvesting this information, the crooks robbed 250 Nordea users from an amount of in total 1.14 million US dollar.

Nordea has given the victims their money back. And while the technical trace ended in a serverpark in Russia, the Police in Sweden have already arrested over 100 middlemen in Sweden, who it would seem were working with the Russian hacker criminals.

Next up is a huge discussion on the possibility of man in the middle attacks. Wich is better. A two-factor authentication in which you use an additional device for secutiry-codes. Or would a traditional extra security code (distributed off-line or via SMS) be a better alternative. Interesting to note that this latter method, in use by the Postbank and sometimes discarded here in the Netherlands as user-unfriendly or less advanced/safe, is actually the more secure one.