Caution: Do You Bank Online?
The Market Ticker ® - Commentary on The Capital Markets
Posted 2012-10-08 08:17
by Karl Denninger
in Consumer

If so, you had better be paying attention -- and so had your bank.

There are reports circulating of an "impending" massive cyberheist operation that is targeted at consumers who use online banking services -- which is, unfortunately, a huge percentage of people.

There have been multiple "denial-of-service" attacks aimed at large banks over the last couple of months; you have probably seen the reports and might have even been impacted by them.  This is a bit different, however, in that it looks like perhaps those were preparatory actions -- or intended to insert some sort of "worm."

In any event it's not good; reports are that the "ringmasters" are in Russia and Eastern Europe, long a hotbed of this sort of activity.

The gist of the attack is that most US banks do not require "two factor" authentication before initiating a wire transfer.  This is especially important because once a wire transfer is confirmed it is really gone, and in general cannot be recalled.  It appears that they intend to deploy (or may have already deployed!) trojan horse programs that capture keystrokes, obtain login information and then en masse initiate wire transfers out of the United States from the victims' accounts before the banks can react, effectively draining huge sums of money and distributing the proceeds among the crooks.

Now there's always the possibility that the rather-brash braggadocio being displayed by the "distributors" of these threats and announcements is nothing other than a police sting operation.  But in Russia nobody is ever really sure.  My experience with cyberhackers is that the Chinese are more-interested in commercial advantage (e.g. stealing your source code, CAD drawings, etc) while the Russians and Eastern Europeans, if they break into your network, are more-likely to leave behind some sort of nasty that is intended to find a way to rob you financially.  Both are bad news but for the consumer the Chinese hacker is pretty much an annoyance as you don't have what he wants.  The Russian dude is a different matter entirely.

The biggest challenge is that today's hacker looking to rob you is more-interested in getting some sort of "quiet" keylogger or other trojan into your system.  These are very difficult to detect, as they're not designed to disrupt your system's operation in any way -- just to look for anything that appears to be a password and then send it on to the criminals.  Do not be fooled if you're on a Mac into thinking you're impervious either -- and in particular be very careful with mobile devices, most of which are far weaker than their desktop counterparts when it comes to security.

I can't judge the credibility of this threat accurately, but it has attracted the attention of a fair number of folks who are sounding warning bells, and at least thus far the information appears to be reasonably credible.  Tickerforum and my home network systems (which include a pretty-robust firewall) attract over a thousand penetration attempts on an average day, and sometimes become the target of various denial-of-service games.  That's all in a day's "ordinary" for sites around the Internet; this is a bit different as the intent isn't to annoy or harass, it's to steal and you're the target.

Be wary.

Comments
Jotapay
Posts: 16734
Incept: 2008-08-26
Silver
Austin, Tx
Thanks for the heads up. My local credit union (University Federal) requires a faxed form and a follow up phone call for verification to wire money. So I'm probably good. They are the best company I've ever done business with.
Bagbalm
Posts: 4264
Incept: 2009-03-19
Green
Just North of Detroit
I almost never have more than $3,000 in my account that has online access. I just put in enough for the monthly bills and most of that goes out the first week of the month. If it isn't there they can't steal it.
Bluebird
Posts: 1381
Incept: 2008-05-02
Silver
Would this also apply to automatic social security deposits to an account, or automatic withdrawals for Medicare?

Cobra2411
Posts: 10352
Incept: 2007-06-26
Gold A True American Patriot!
Philly P.a.
I'm in a similar boat. The bank that has the bulk of my money requires written notification from me to transfer funds. I made them require originals. No fax, no email, only good old originals mailed or delivered in person.

My other account is online, and might be vulnerable, but there is never more than a few thousand in there. I would be none too happy about it but not the end of the world.

----------
To err is human. To really **** things up takes government.
Blackswan
Posts: 5564
Incept: 2007-11-06
Gold
Just outside of Philly
My employer uses PNC Bank. The website / log in was down the other day and they said it was due to hackers / security reasons.

----------
“It’s checkmate. Everywhere it’s checkmate.”
Hugh Hendry
If
Posts: 1193
Incept: 2008-01-06
Green
How do I combat this? Do I need to change all my passwords every week, every day? Would that even work if there is a way for them to know my password the minute I change it? Pull all my money out and stuff it in the mattress? Honestly, what am I to do? I don't have that much to begin with but I sure don't want to open my account and see a big fat 0.

What a way to throw this nation into a state of chaos, no?

----------
I finally took the red pill. I have a lot of catching up to do. Please excuse my ignorance.
Bluebird
Posts: 1381
Incept: 2008-05-02
Silver
What if it is an account (checking or savings) that holds money? You have online access to check on the balance, but don't do any transferring of money. Could the criminals use my signin to the account, to initiate a transfer of my money to them?
Genesis
Posts: 130799
Incept: 2007-06-26
Admin A True American Patriot!
Yep.

----------
I don't care if it makes sense -- only if it makes money. -- Me
Bank (n): See scam, fraud and theft. Eat a bankster -- they're low-carb.
What part of "shall not be infringed" was unclear?
Gable
Posts: 413
Incept: 2009-07-04
Green
Anyone know of any good applications that detect keyloggers?

----------
In all of history, no government became more honest, less corrupt, or granted its citizens more rights as it grew in size. E.L. 2011

Ellie's Law-As an online discussion about the failures of the Obama Administration continues, the probability someone shouting "It's Bush's Fault" approaches 1
Genesis
Posts: 130799
Incept: 2007-06-26
Admin A True American Patriot!
You need something on an UNRELATED machine (e.g. your firewall) that looks for ANY unsolicited outgoing packets to places you did not transmit in some form (e.g. UDP datagrams going to "odd" places, or TCP connections being initiated that are questionable.)

----------
I don't care if it makes sense -- only if it makes money. -- Me
Bank (n): See scam, fraud and theft. Eat a bankster -- they're low-carb.
What part of "shall not be infringed" was unclear?
Bluebird
Posts: 1381
Incept: 2008-05-02
Silver
Holy crapoli!
Maybe I will go back to writing checks
:(
Dusty88
Posts: 126
Incept: 2011-10-21

Quote:
You need something on an UNRELATED machine (e.g. your firewall) that looks for ANY unsolicited outgoing packets to places you did not transmit in some form (e.g. UDP datagrams going to "odd" places, or TCP connections being initiated that are questionable.)


Huh?
Jotapay
Posts: 16734
Incept: 2008-08-26
Silver
Austin, Tx
Quote:
Huh?


Unfortunately, if you don't want to get butt****ed somehow some day, you have to understand the technological world that we live in. You need to monitor all of your home's traffic that goes through your personal firewall at your house that you presumably set up and configured.

Quote:
How do I combat this? Do I need to change all my passwords every week, every day?


If you don't know the security level of your current situation, then you need to start over. Wipe one machine completely (delete and recreate all the partitions) with a new OS and cross your fingers that it doesn't have any back doors in the BIOS. Once that computer is back online, change all your passwords with that computer. Afterwards, do not log into those sites with any other computer that you don't completely trust. If you have to, for some reason, make sure you go back to your clean computer and change the password immediately afterwards. Do not install stupid dumbass software that you don't completely trust on the clean computer. Keep the software installs at a minimum, especially if it's some dinky driver from some third party software vendor in China. Do not install any toolbars or other malware when you obviously should know better. Use your head.
Natew
Posts: 66
Incept: 2009-12-16

IN
Does the secondary authentication needed for logging in help? I.e., with Chase I need to 'register' the machine with a texted or called number to verify the machine.

Not that I have a ton of money that would be a huge score but several 1000's we are saving for a down payment on investment property would be a big loss.
Jotapay
Posts: 16734
Incept: 2008-08-26
Silver
Austin, Tx
Quote:
Does the secondary authentication needed for logging in help? I.e., with Chase I need to 'register' the machine with a texted or called number to verify the machine.


The keylogger would just need to trap and transmit the secondary login information from yourself and then it would be compromised. The timing would need to be correct for you to reveal that info to the keylogger, so a bit of luck would be involved.

IT security is a bit like the "campers and the bear" scenario. When a bear invades your campsite and wants to eat one of the campers, you don't need to run faster than the bear. You just need to run faster than your fellow campers. By taking more security precautions than Joe 6 Pack, you're already making it more difficult than average for someone to get your information. The more barriers you put up that they have to circumvent, the more likely you will remain unmolested because there's millions of easier prey out there.
Turningtide4536
Posts: 33
Incept: 2011-12-16

Massive fund transfer? Well, since 99.99% of people aren't as prudent and computer savvy as Karl, this sounds like the coup de grace to the US financial system.

Aquapura
Posts: 131
Incept: 2012-04-19

Land of 10,000 taxes
Hmm, my bank requires two, actually 3, factor identification just to access my online banking. Not sure about wire transfers. I'm thinking not. Didn't need more **** to worry about.

Sean
Posts: 1766
Incept: 2009-04-21

Have not even started reading this ticker yet and the answer is NO!

I work within a 3 min walk of my bank - enough said.

----------
* I think Ann Barnhardt is more and more right. God help us!
* Progressives / Marxists / Communists are many things, STUPID and IMPATIENT are not two of them.
* A hot civil war is coming.
* And people wonder why I prep!
Grumpygirl
Posts: 2860
Incept: 2008-09-18
Gold A True American Patriot!
Oregon
Thank you, Karl. I've got emails in to the credit unions I do business with about whether they require "two factor" authentication before initiating a wire transfer. Their replies should be interesting.
Wineaux
Posts: 533
Incept: 2009-03-23
Green A True American Patriot!
pure Liquid pleasure
My wife has a German Deutsche Bank account. To conduct online banking they send you a sticker book to be used for authentication purposes. Every time you log on in addition to the username, password, computer recognition stuff, she has to enter in the numbers on the sticker. The stickers are one time use and peel off the page to be discarded.

----------
What wine goes with unemployment?
Rentier
Posts: 195
Incept: 2010-06-19

keyloggers...Zzz easy work around.

KeePass and RoboForm.
Bsfootprint
Posts: 967
Incept: 2011-02-27
Green
Quote:
Anyone know of any good applications that detect keyloggers?

Network traffic is really the only practical way to do it in Windows AFAIK.

Microsoft provides a way for programmers to 'hook' (intercept) keyboard input, but there's no *officially supported* way (that I've found) to determine if any programs have done so. And even if there was a way to do that, motivated hackers would just find other ways to 'hide' the keylogger programs. Sigh.

So yeah. You have to monitor outgoing traffic for suspicious patterns. If you don't know how (or don't want) to do that, then you will never know.

----------
When I hear central bankers are blowing bubbles, I like to picture a large, happy and well-endowed male chimp named 'Bubbles'...
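
The outbound-traffic monitoring suggested in Genesis's and Bsfootprint's replies above, as an added example that is not part of any post in this thread: a script meant to run on the gateway or firewall rather than on the PC being watched, flagging flows to destinations the source host did not resolve through DNS shortly beforehand. The log format, addresses, `ALLOW` list and `DNS_WINDOW` value are assumptions constructed for illustration, and the DNS-lookup test is only one way to approximate "unsolicited".

```python
"""Flag LAN->Internet flows whose destination the source host never looked up."""
from collections import defaultdict
from ipaddress import ip_address, ip_network

LAN = ip_network("192.168.1.0/24")      # assumed home LAN range
ALLOW = {ip_address("192.0.2.53")}      # assumed upstream resolver, always expected
DNS_WINDOW = 300                        # seconds a DNS answer keeps a destination "solicited"

# Constructed sample, not a real firewall's format:
#   "<epoch> DNS <client> <name> <answer-ip>"
#   "<epoch> FLOW <proto> <src> <dst> <dport>"
SAMPLE_LOG = """\
1000 DNS 192.168.1.20 bank.example 203.0.113.10
1002 FLOW tcp 192.168.1.20 203.0.113.10 443
1050 FLOW udp 192.168.1.20 192.0.2.53 53
1400 FLOW tcp 192.168.1.20 198.51.100.77 8080
1500 FLOW tcp 192.168.1.20 203.0.113.10 443
1600 FLOW udp 192.168.1.21 198.51.100.99 31337
"""

def unsolicited_flows(log_text, window=DNS_WINDOW):
    """Return (ts, proto, src, dst, dport) for flows with no recent matching lookup."""
    resolved = defaultdict(dict)        # client -> {answer ip: time of last lookup}
    alerts = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue                    # blank or truncated record
        ts, kind = int(fields[0]), fields[1]
        if kind == "DNS":
            resolved[fields[2]][fields[4]] = ts
        elif kind == "FLOW" and len(fields) == 6:
            proto, src, dst, dport = fields[2:]
            if ip_address(src) not in LAN or ip_address(dst) in LAN:
                continue                # only traffic leaving the LAN matters here
            if ip_address(dst) in ALLOW:
                continue                # expected destination, e.g. the resolver
            seen = resolved[src].get(dst)
            if seen is None or ts - seen > window:
                alerts.append((ts, proto, src, dst, int(dport)))
    return alerts

if __name__ == "__main__":
    for alert in unsolicited_flows(SAMPLE_LOG):
        print("unsolicited:", *alert)
```

A flow to a destination resolved longer ago than the window is flagged as well (the record at 1500), so the window has to be tuned against how long local applications cache their lookups.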

Thelazer
Posts: 33
Incept: 2009-05-11

Davenport, Fl
My bank provides a separate electronic token that must be used each time a wire is sent out. On top of that, the wire room calls quite often within 3 mins of me submitting the wire to verify by phone. Not too worried about it.
Iridiculous
Posts: 103
Incept: 2009-12-05
Green
Seattle
Where are these reports circulating? Where can I find some more information?