New virus infects ATM , steals money from banks

Moscow: Automatic Teller Machines (ATM) may not be a safe way of transaction anymore as a new software virus has been found out which infects ATMs to steal money from bank accounts of their users. Doctor Web and 'Kaspersky Lab, two major anti-virus software producers have discovered such virus in the networks of several bank ATMs, which is able to collect information from bank cards. This is a malicious program intended to infect and survive in ATMs. It is possible that new software will appear, aimed at illegitimately using banking information and removing funds," an official of the Kaspersky Lab was quoted as saying by RIA Novosti news agency. According to the official, the virus is a Trojan which is able to infect the popular American Diebold brand of ATMs, used in Russia and Ukraine. Judging by the programming code used, there is a high probability that the programmer comes from one of the former Soviet republics. The computer security experts say the number of infected ATMs is minimal but individual bank cardholders will not be able to detect whether an ATM is infected or not. However, banks can run security software to find out if their machines are at risk.

The Conficker Worm

Worried about the Conficker worm striking on April 1st? A few simple steps can protect you. Target: All users of Windows XP and Windows Vista. If you’re worried about the Conficker worm striking on April 1st, don’t be. On April 1st the Conficker worm will simply start taking more steps to protect itself. After that date, machines infected with the “C” variant of the worm may not be able to get security updates or patches from Microsoft and from many other vendors. The creators of the worm will also start using a communications system that is more difficult for security researchers to interrupt. The Conficker worm, sometimes called Downadup or Kido has managed to infect a large number of computers. Specifics are hard to come by, but some researchers estimate that millions of computers have been infected with this threat since January.

What does the Conficker worm do?

We don’t know the purpose of the Conficker worm. Today the worm has created an infrastructure that the creators of the worm can use to remotely install software on infected machines. What will that software do? We don’t know. Most likely the worm will be used to create a botnet that will be rented out to criminals who want to send SPAM, steal IDs and direct users to online scams and phishing sites. The Conficker worm mostly spreads across networks. If it finds a vulnerable computer, it turns off the automatic backup service, deletes previous restore points, disables many security services, blocks access to a number of security web sites and opens infected machines to receive additional programs from the malware’s creator. The worm then tries to spread itself to other computers on the same network.

How does the worm infect a computer?

The Downadup worm tries to take advantage of a problem with Windows (a vulnerability) called MS08-067 to quietly install itself. Users who automatically receive updates from Microsoft are already protected from this. The worm also tries to spread by copying itself into shared folders on networks and by infecting USB devices such as memory sticks.

Who is at risk?

Users whose computers are not configured to receive patches and updates from Microsoft and who are not running an up to date antivirus product are most at risk. Users who do not have a genuine version of Windows from Microsoft are most at risk since pirated system usually cannot get Microsoft updates and patches.

Advice to Stay Safe from the Downadup Worm:

1. Run a good security suite (we are partial to Norton Internet Security and Norton 360).
2. Keep your computer updated with the latest patches. If you don’t know how to do this, have someone help you set your system to update itself.
3. Don’t use “free” security scans that pop up on many web sites. All too often these are fake, using scare tactics to try to get you to purchase their “full” service. In many cases these are actually infecting you while they run. There is reason to believe that the creators of the Conficker worm are associated with some of these fake security products.
4. Turn off the “autorun” feature that will automatically run programs found on memory sticks and other USB devices.
5. Be smart with your passwords. This includes

1. Change your passwords periodically
2. Use complex passwords – no simple names or words, use special characters and numbers
3. Using a separate, longer password for each site that has sensitive personal information or access to your bank accounts or credit cards.

6. Use a passwords management system such as Identity Safe track your passwords and to fill out forms automatically.

FAQ Q: Am I safe if I don’t go to questionable web sites? A: No. The Conficker worm seeks out computers on the same network. You can be in a coffee shop, an airport or in the office and the worm will quietly try to attach to your computer and run itself. Q: How do I know if I am infected? A: The best way to know if you are infected is to run a good antivirus product. One symptom that may indicate you are infected is finding that your computer is blocked from accessing the web sites of most security companies. Q: Can’t I just run free antivirus software? A: Yes, but free products often aren’t thorough or comprehensive. Worse, the internet is overflowing with fake free security scanners that actually infect your computer. Fake scanners such as “Antivirus 2008” are difficult to identify and have plagued hundreds of thousands of users around the world.

BJP's IT interest to be threat for Microsoft, telcos

Bharatiya Janata Party's (BJP) interest on IT development may prove to be a threat for software companies like Microsoft and top local telecom firms. The opposition party's leader LK Advani has promised to vehemently promote open-source software and internet telephony if the party comes to power in the upcoming elections. The party also plans for the release of one crore laptops with open source software to students, for which it has earmarked Rs.10,000 crore. The party also plans to allow unrestricted internet telephony. Microsoft India spokesman refused to comment on the speculations, as reported by The Economic Times. However, many of the experts feel that this move might not have a major impact on the software giant. "Open source has been there for a long time in the market now. Any promotional thing for open source will not make any significant difference to the major players. Both enjoy a very different kind of market and there is significant demand for both," says Akhilesh Tuteja, Executive Director of consulting firm KPMG. The IT companies in India also witness it to be a boon than a threat. "We believe the policy will help in improving IT industry in India through adoption of open standards and promotion of domestic web hosting industry. We hope other political parties will follow suit," said Sun Microsystem's country director Jaijit Bhattacharya.