|
The folks over at Secure Science Corp. last week intercepted a mass e-mail attack sent to various U.S. military addresses that took advantage of a recently patched Office flaw to embed a password-stealing Trojan horse program in a PowerPoint presentation. Secure Science managed to locate the "dead drop" used by this attack (dead drops are basically databases set up to receive all of the username and password data stolen by Trojan horse programs). Consider this:They found 2,301 sets of online login credentials belonging to U.S. military personnel, potentially allowing access to various Department of Defense "service portals" such as MarineNet.mil and AKO (Army Knowledge Online). The scammers' database also held other login informaiton from victims, including user names and passwords for 221 Bank of America accounts, 5,524 Gmail accounts, and 1,842 sets of Hotmail credentials, just to name a few. excerpt from Washington Post
|
