[LINK] ArsT: Someone's had a whale of time with Ceridian

Roger Clarke Roger.Clarke at xamax.com.au
Wed Apr 11 21:08:59 AEST 2012


[Can anyone nail down how long it took for image-based authentication 
to be cracked?

[Mind you, this appears as if it might have been the dumbest level of 
image-based authentication, with a single image chosen (rather than a 
succession), and fixed presentation (rather than randomised).

[And payroll apps have always been literally a licence to print 
money;  so anyone who relies on the cloud for it deserves their fate.]


Off-the-shelf trojan targets cloud-based payroll service
By Dan Goodin | Published about 18 hours ago
10 April 2012
ArsTechnica
http://arstechnica.com/business/news/2012/04/off-the-shelf-trojan-targets-cloud-based-payroll-service.ars

Operators of an off-the-shelf botnet kit have unleashed new malware 
that can steal large sums of money by targeting cloud-based payroll 
service providers, a researcher from security firm Trusteer said on 
Tuesday.

A configuration of the Zeus-based malware specifically targets 
Canadian payroll provider Ceridian, according to a blog post by 
Trusteer CTO Amit Klein. When someone accesses the service with an 
infected PC, the malware captures a screenshot that includes a 
graphical icon previously selected by the user from the site's 
image-based authentication system. Combined with the user ID, 
password, and company number that the bot also acquires, the 
screenshot gives attackers everything they need to access private 
accounts on the service.

Over the past decade, crimeware kits such as Zeus, SpyEye, and 
Eleonore have offered countless updates that expand the types of 
online services targeted by the malware. Botnet operators have long 
used their wares to infiltrate payroll departments of small- and 
medium-sized businesses. The Zeus malware's ability to attack 
Ceridian is part of the regular update cycle in the malware black 
market.


-- 
Roger Clarke                                 http://www.rogerclarke.com/
			            
Xamax Consultancy Pty Ltd      78 Sidaway St, Chapman ACT 2611 AUSTRALIA
                    Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke at xamax.com.au                http://www.xamax.com.au/

Visiting Professor in the Faculty of Law               University of NSW
Visiting Professor in Computer Science    Australian National University
