Accessing online account from Windows just once cost Mac user $100,000

Accessing online account from Windows just once cost Mac user $100,000

Summary: Cut a long story short, there was a password stealing Trojan on the PC and criminals accessed the bank account and pulled out $100,000 in $5,000 and $10,000 chunks.

SHARE:

This is a pretty scary story:

David Green normally only accessed his company’s online bank account from his trusty Mac laptop. Then one day this April while he was home sick, Green found himself needing to authorize a transfer of money out of his firm’s account. Trouble was, he’d left his Mac at work. So he decided to log in to the company’s bank account using his wife’s Windows PC.

Cut a long story short, there was a password stealing Trojan on the PC and criminals accessed the bank account and pulled out $100,000 in $5,000 and $10,000 chunks.

Now, it's easy to think that this guy would have been protected if he'd had proper, up-to-date antivirus installed on his PC. Well, as Brian Krebs points points out, maybe not ...

What’s more, the tools these crooks are using — mainly the Zeus Trojan — almost always outpace anti-virus detection at least by a few days, and by then it’s usually too late.

The question is, who or what to blame? Is it user error? Is it the fault of Windows? Is it the bank's fault?

Another question worth asking is this - Is Windows just far too big and juicy (and easy) a target for hackers that folks still using the platform for sensitive work as asking for trouble? After all, there's absolutely no questioning the fact that this attack would not have worked on the Mac or Linux platform. This firm lost $100,000 due to using Windows. Period.

Oh, and if you do have good security practices in place, make sure you use them ALL THE TIME!!!

Topics: Banking, Apple, Hardware, Operating Systems, Security, Software, Windows

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

80 comments
Log in or register to join the discussion
  • The timing of this is too delicious #1

    I have your apology right here:<br>before the flame war begins. it is a trojan, people. something a user has to single handily download from a certain website and installing it on a computer by giving a password. one at a time. trojans have been available for the mac forever. viruses and worms don't. so nothing new here. <br><br>and please all those who don't know the difference between viruses and worms on one hand and trojans on the other, please don't apply.<br><br>so, now, i'll get some popcorn ...<br><br>Thanks banned from zdnet!!
    http://www.zdnet.com/tb/1-82576-1578538?tag=talkback-river;1_82576_1578538
    NonZealot
    • RE: Accessing online account from Windows just once cost Mac user $100,000

      @NonZealot

      Considering Windows is very vulnerable to drive by attacks where you don't have to explicitly install anything (especially XP) it's very likely the user didn't know this app was installed.

      But then again you're pro Microsoft so they can do no harm.
      itguy08
      • 2 things

        @itguy08
        [i]it's very likely the user didn't know this app was installed[/i]

        Read the article moron:
        [i]there was a password stealing [b]Trojan[/b][/i]

        All the Apple apologists swear and stomp and scream and froth that no OS can protect a user from a trojan.

        Second, I'll remind you that at PWN2OWN every year, OS X fell first, within seconds, to drive by attacks. It is actually OS X that is very vulnerable to drive bys. :)
        NonZealot
      • Sure thing, itguy08. Or maybe it was something like this

        <a href="http://www.zdnet.com/blog/security/malware-watch-free-mac-os-x-screensavers-bundled-with-spyware/6560?tag=mantle_skin;content" target="_blank" rel="nofollow">http://www.zdnet.com/blog/security/malware-watch-free-mac-os-x-screensavers-bundled-with-spyware/6560?tag=mantle_skin;content</a><br><br>You anti-MS [losers] never have a clue, but still post anyhow.
        John Zern
    • Linux Live CD

      @NonZealot If you can point us to any version of Windows that runs from a CD as various Linux distros are able to do, then maybe there would be no flame war. For all the "this happens with every OS" claims that are ignorantly posted, no it doesn't. Although those Live CDs do require updates to patch apps which have since then been updated, I can always build an up-to-date ISO. Heck, I can boot from a USB key in read only mode, or even mount my partition as read-only.

      Maybe Windows should only be used within a VM. Maybe after every shutdown, the image should be reverted, and the image should only be modified with security updates, but always revert to the saved version once shut down.
      davidr69
      • RE: Accessing online account from Windows just once cost Mac user $100,000

        @davidr69 just an FYI, that is the system Microsoft uses with all of their websites... they run in VM's and there is no firewall/anti-virus protection running on the webservers, just an app that checks for "changes" if any file is modified the VM is brought down and reverted to a previous snapshot with 20-60 minutes of the change, also the account passwords on these VM's are changed everytime the VM is launched (so reverting to a snapshot of the system restarts the VM with new account passwords), this renders any attempted hacking obsolete within an hour. Sure you can hack a M$ website, but you only get a limited time to do it in before it is reverted and negated and they have UNLIMITED RESOURCES TO FIND YOU.

        Very secure practice, all data that is changed is hosted on separate datastores with a much higher level of protection than is available to the public.
        aiellenon
      • RE: Accessing online account from Windows just once cost Mac user $100,000

        @davidr69
        http://www.ubcd4win.org

        Runs Windows XP from a PE CD or a USB flash drive, and you can do practically anything you'd need to while using it. Including surfing the web and email. I've used this program for a few years now, mostly for repairing computers, but it's quite possible to run your computer with it.
        BrewmanNH
      • Windows running from Live CD is possible!

        @davidr69 I also like Linux and the live CD's. But, there is the possibility to run Windows from a live CD. It can be done with Bart PE. I made such a CD sometime in the past and it is very handy to do so. You can download Barts PE builder at http://www.nu2.nu/pebuilder/
        Computer_User_1024
    • I thought of this post immediately.

      @NonZealot

      Let's see how they spin this one.
      ye
    • RE: Accessing online account from Windows just once cost Mac user $100,000

      @Adrian
      "Free apps install spyware on Macs" is d title of an article i just finished reading on zdnet a moment before I saw this one!
      I wonder what that malware does? Hmmm... steal passwords maybe??
      oscardetoy@...
    • RE: Accessing online account from Windows just once cost Mac user $100,000

      @NonZealot
      Even your pea brain can understand this....

      "before the flame war begins. it is a trojan, people. something a user has to single handily download from a certain website and installing it on a computer by giving a password."

      On Windows systems that are vulnerable to drive by attacks the user needs to do nothing to have this crap installed. This is not true for other OS's at this time.

      "Second, I'll remind you that at PWN2OWN every year, OS X fell first, within seconds, to drive by attacks. It is actually OS X that is very vulnerable to drive bys."

      Did it really? Funny here:
      http://www.computerworld.com/s/article/9174101/Hacker_busts_IE8_on_Windows_7_in_2_minutes?source=rss_news

      IE 8/Win 7 - 2 mins. And those guys won the prize.

      Wake me when there are real drive by attacks for OS X.
      itguy08
      • Liar

        @itguy08 <br><i>This is not true for other OS's at this time.</i><br><br>This is a lie. A pure lie. OS X is more vulnerable to drive bys than Windows, as proven over and over again at PWN2OWN. In the first PWN2OWN, OS X was the <b>only</b> OS to get PWNED by a drive by <b>with absolutely no 3rd party software installed on it.</b> Windows and Linux both survived day 2. OS X was the only one that fell on day 2. When Windows fell on day 3, it was actually due to a vulnerability in Flash, something that is <b>not installed by default on Windows</b>.<br><br>So you are lying when you say other OSs are not vulnerable to drive bys.<br><br><i>Did it really? Funny here:<br><br>IE 8/Win 7 - 2 mins. And those guys won the prize.<br></i><br><br>So OS X didn't fall to a drive by and your proof of this is that Windows did? I hope you never get accused of murder because I can just see your defense: <i>Your honor, I couldn't have murdered the victim because someone else committed a murder last month!</i><br><br>Are you seriously that stupid?<br><a href="http://www.computerworld.com/s/article/9174078/iPhone_Safari_IE8_Firefox_all_fall_on_day_one_of_Pwn2Own?source=toc" target="_blank" rel="nofollow">http://www.computerworld.com/s/article/9174078/iPhone_Safari_IE8_Firefox_all_fall_on_day_one_of_Pwn2Own?source=toc</a><br><i>Hackers took down <b>Apple's iPhone and Safari browser</b>, Microsoft's Internet Explore 8 (IE8) and Mozilla's Firefox within minutes at today's Pwn2Own contest, as expected.</i><br><br>So what were you saying about OS X being immune to drive bys?
        NonZealot
      • RE: Accessing online account from Windows just once cost Mac user $100,000

        @itguy08: [i]Wake me when there are real drive by attacks for OS X.[/i]

        Is that what you're going to tell this guy? That it's OK he lost $100K because it wasn't a drive by attack? Seriously?
        ye
    • So, now, I'll get some popcorn...

      Hey, if popcorn is your snack of choice while you read about costly Windows vulnerabilities, enjoy.<br><br>"Is Windows just far too big and juicy (and easy) a target for hackers that folks still using the platform for sensitive work as asking for trouble?"<br><br>Sure looks like it... munch, munch...<br><br>"After all, theres absolutely no questioning the fact that this attack would not have worked on the Mac or Linux platform. This firm lost $100,000 due to using Windows. Period."<br><br>Mmm... crunch, crunch... delicious...
      buddhistMonkey
    • I'm grabbin some popcorn as well

      @NonZealot Agreed. This is a case where the user - perhaps his wife as it was her PC that had the trojan - downloaded (unknowingly) the trojan. NOT a virus. User error.
      athynz
    • Same Ol' bush league journalism

      If you leave the key in the car and lose it to a thief then let's blame the manufacture for not producing a more secured car. Just red herring all over again.
      LBiege
    • Bottom line

      If he had used his Mac laptop this wouldn't have happen to him, the exploit was Windows based.

      Get over it zipper head, these are the facts of THIS story, not some other story.
      @NonZealot
      GoPower
      • Can we be certain it wasn't his Mac?

        @GoPower: They're assuming it was the PC:

        http://www.zdnet.com/blog/security/malware-watch-free-mac-os-x-screensavers-bundled-with-spyware/6560?tag=content;selector-blogs
        ye
  • The timing of this is too delicious #2

    I have another apology right here:
    No OS can protect users from themselves (or we wouldn't be able to install any software). Do not download and authorize the installation of applications (Trojans) from untrusted sources.

    Thanks again, banned from zdnet!!
    http://www.zdnet.com/tb/1-82576-1578611?tag=talkback-river;1_82576_1578611
    NonZealot
    • RE: Accessing online account from Windows just once cost Mac user $100,000

      @NonZealot Apparently being the underdog in overall PC market share has its advantages. Why go after a few million when you can just as easily reach out to several billion?

      Windows Users
      Preferred target for criminals around the world
      josegaldamez