The Chinese gaming discs are from our collection, we supplied the grey oval Fresh Water Pearls and Julie had the divine, large Baroque Pearls. Handmade Palladium White Gold settings with hooks – recent commission for Julie Ewington.
Credential Stealing Trojan Tuesday, Jul 19 2011
arresting human intelligence and Blogroll and malcolm enright stats 6:27 pm
The bank alerted us three weeks ago. They told us there was a breach of our password and that a payment of $3,907.39 was sent out of the country. The bank was watching the use of the rogue IP address they used to log into our account - a different one than ours. The bank suggested we had entered our details into a false bank web page; they said from their end they could see that there was a Credential Stealing Trojan at work - not Identity Theft. We were told that an outside IT person should run the latest Nortons over the system here. Steve Thomson came and installed Norton's System Works 3.0 on Barbara's machine. The newer update, the 'virus definitions', didn't download - we had to get a newer version, Norton Internet Security (for the Mac) 4.1. We ran it, it took 2.7 days and - no virus detected. We have never entered passwords into a false web page.

The bank opened our account again and we set newer passwords, Friday week. The following Saturday morning our account was entered on their second password attempt (I had used numeral ones and capital I's) and they got it on the second try. So they had a key logger in our network here and we had to find it? Steve was back and installed Norton's 4.1 (a separate install for every machine), ran that over my G5 and four external mirrored drives - no virus detected. The criminals were depositing other monies into our account and used my machine's IP address to do it!

Then an email from PayPal saying that my account was 'limited', so I changed my password & questions online with the laptop and rang the PayPal Sydney operator and had the 'limited' kept in place as I was suspicious about our changing details and they may be watching . . . So I arranged for Steve to come here and be on the machines while we talked to the eFraud / Westpac IT man on the phone in Sydney. The only other thing the guy could think of was that they had gained entry via our locked wireless network - the Router!
So Steve came over to my machine and opened the Router log and there they were . . . he quickly did a Command-A - selected all the log data and pasted it into an email and sent it to the Sydney IT guy. Steve then moved over to Barbara's machine and picked up the phone and opened the log across the ethernet system and the log was deleted before his very own eyes. We closed down the wireless network, unplugged the Modem for 17 hours and when it turned on it was reset to another IP address. We then reinstalled newer systems on all four machines, changed all the passwords (wireless network first) then the sharing setups. Now the only way the Router will let anyone in is by the individual MAC address of the computer . . . we are specifically limited.

Our email accounts were compromised and emails were read every day. Our own email addresses are all the same still; now that all the server passwords have been changed they cannot see anything. The July bank statement will show all, the bank lady says . . . . So all of our credit cards are changed and on the way to us, the account is still 'limited', we will now use 'tokens' for every payment. When Barb is back we have to recreate all bank procedures and passwords, then go and change every other password we have used at every other entity we deal with.

Again for Mac users, Keychain holds every password you use and logs all the use of them; well, locked or not, that's the first thing they'll do is crack that and you are laid bare. We haven't enabled it, Steve is dubious of its strength and use in the scheme of things. So they either sat outside our place and, with a Mac (because the bank has that Mac computer's ID they used), managed to unlock our locked network, gained access to Barb's machine, found the passwords secret file on her machine and stayed lurking and logging every key action.
They could also have gained access via a new 'Drive-by-Reflector' that would have come from a web page and installs itself inside a Browser (but not Safari, he says) . . . we don't actually know how they gained access. Scary - hey?

Hope that helps . . . passwords should be at least 12 keys long with numerals, upper and lower case, shift characters and use all different strokes - no words, no running sequence of numbers like year of birth in 4 numerals. Don't become complacent just because the Mac operating system is "supposedly written correctly"; malware is all over the internet and we are all under attack!