ATO bars 'Trojan-infected' tax agents

update The Australian Tax Office has restricted access to its Web site after discovering that a "small number" of tax agents have been infected by a Trojan, which has "stolen" their user IDs and passwords."Troj/Dumaru-BZ has infected a small number of tax agents' computer systems compromising their Tax Agent Portal user ID and password details.

update The Australian Tax Office has restricted access to its Web site after discovering that a "small number" of tax agents have been infected by a Trojan, which has "stolen" their user IDs and passwords.

"Troj/Dumaru-BZ has infected a small number of tax agents' computer systems compromising their Tax Agent Portal user ID and password details. As a precaution we have restricted impacted agents' access to the portal until their systems have been checked," said a warning posted on the ATO's Web site.

According to anti-virus firm Sophos, the Trojan is capable of capturing data in various forms, including information copied on a clipboard and "protected storage area of Windows," as well as cached passwords.

Sophos also warned that the Dumaru "looks" for financial information stored in certain applications, such as E-Gold, WebMoney, Total Commander and Far Manager.

An ATO spokesperson on Thursday told ZDNet Australia that only a "handful" of agents were hit by the Trojan.

"There were only about three agents affected so we are talking about very small numbers. Even though it is only a handful we have an obligation to warn all agents when this sort of thing happens and we take it very seriously," the spokesperson said.

Sophos issued a signature update against Dumaru on 8 March.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All