Hackers pounce on Howard 'heart attack e-mail'

Update: Hackers may have captured the login details of around 750 Australian banking customers by circulating a trojan e-mail claiming the prime minister has suffered a heart attack, according to a security company.

Titled "John Howard, the current Prime Minister of Australia has survived a heart attack", the e-mail claims Howard suffered the heart attack while at Kirribilli House and is fighting for his life in hospital.

The e-mail then provides a link purporting to be an online news report. Users who click the link, however, are directed to a standard "404 error" page, which downloads a trojan to their computer.

Joel Camissar, country manager for Websense, which has been tracking the scam, said the trojan monitored infected users' Internet activity. This included logging keystrokes, he said.

Websense has identified one of the servers used in the hacking attempts and is recording compromised IP addresses, as well as other data stored by the server. Hackers often did little to secure their own computers, said Camissar.

Of 2,500 users around the world infected by the trojan, around 30 percent, or 750 people, were from Australia, he said.

This data could include banking login details.

Websense claimed customers of the Commonwealth and Westpac banks may have had their account details captured.

However, both banks have denied the trojan had infected their systems. Westpac's systems had not been compromised by the trojan and the bank was unaware of any fraud losses as a result, according to a spokesperson.

A Commonwealth Bank spokesperson said its Web site had not been infected with the trojan. However, the Web site was not the issue, according to Camissar.

"The Commonwealth Bank Web site hasn't been compromised," Camissar said.

"But the trojan horse monitors user sites visited and sends back the [bank site] username and password to the server computer," he said.

The scam was not limited to Australia, according to Websense. Customers of banks across Europe and the US may also have had their passwords captured.

Websense was working with law enforcement authorities to find the scammers, he said.


Talkback 5 comments

    Malware Anonymous -- 21/02/07

    Very scary worm. I hope people take advantage of services like anonymizer.com to avoid malware like this in the future. Too vulnerable without it.

    Howard Heart Attack Email Anonymous -- 21/02/07

    What I want to know, is what people can do if their PCs may be infected!

    The real story Damon Hastings -- 21/02/07

    Okay, the real story here is that it's possible to be infected by a trojan merely by visiting a web page. This article focuses on a single exploit of that vulnerability, and thus the article is nearly irrelevant. The vulnerability is what matters. If it isn't patched soon, you could see millions of infections from more creative exploits in the very near future. If any hacker is able to smuggle the trojan onto even a single major website, he could net millions of victims.

    Does anyone know what browser(s) are affected? Is it just Internet Explorer 6? IE7? How long has Microsoft known about this vulnerability, and when will they fix it? I can't find any useful articles on the net -- they're all just clones of this one.

    The real story Anonymous -- 21/02/07 (in reply to #320075046)

    The real story is that there are a lot of gullible or unaware people out there. If you visit the sites in question, a message such as the following is displayed:

    502 Service Temporarily Overloaded

    Server congestion: too many connections: high traffic.

    Keep trying until the page loads. This can be a common occurrence at peak news times.

    Also try to shutdown your firewall and antivirus software.

    The last sentence should make some pennies drop, but apparently not for 750 people....

    I totally agree Anonymous -- 22/02/07 (in reply to #320075046)

    My mother clicked the link on her computer and I would like to know what the actual malware is??? I know that it is a trojan / keylogger (says in every article I have read) ... but what is it and who is doing what to fix it??? There is nothing posted anywhere that can help... just the same information on every media page... If it's such a big thing then why aren't we being told what is being done about it???
