The details of around 500,000 online bank accounts and credit and debit cards have been stolen by a virus described as "one of the most advanced pieces of crimeware ever created".

The Sinowal trojan has been tracked by RSA, which provides security solutions for Fortune 500 companies.

RSA said the trojan virus has infected computers all over the globe.

"The effect has been really global with over 2000 domains compromised," said Sean Brady of RSA's security division.

He told the BBC: "This is a serious incident on a very noticeable scale and we have seen an increase in the number of trojans and their variants, particularly in the States and Canada."

The RSA's Fraud Action Research Lab said it first detected Sinowal in Feb 2006.

Since then, Mr Brady said, more than 270,000 banking accounts and 240,000 credit and debit cards have been compromised from hundreds of thousands of financial institutions in countries including the US, UK, Australia and Poland.

The lab said no Russian accounts were hit by Sinowal.

"Drive-by downloads"

RSA described the Sinowal as "one of the most serious threats to anyone with an internet connection" because it works behind the scenes using a common infection method known as "drive-by downloads". Users can get infected without knowing if they visit a website that has been booby-trapped with the Sinowal malicious code.

Mr Brady said the worrying aspect about Sinowal, which is also known as Torpig and Mebroot, is that it has been operating for so long.

"One of the key points of interest about this particular trojan is that it has existed for two and a half years quietly collecting information," he said. "Any IT professional will tell you it costs a lot to maintain and to store the information it is gathering.

"The group behind it have made sure to invest in the infrastructure no doubt because the return and the potential return is so great."

RSA's researchers said the trojan's creators periodically release new variants to ensure it stays ahead of detection and maintain "its uninterrupted grip on infected computers."

While RSA's lab has been tracking the trojan since 2006, Mr Brady admitted that they know a lot about its design and infrastructure but little about who is behind Sinowal.

"There is a lot of talk about where it comes from and anecdotal evidence points to Russia and Eastern Europe. Historically there have been connections with an online gang connected to the Russian Business Network but in reality no one knows for sure."

That he said is because the group is able to use the web to cloak its identity.

Posted by Justin Payton in Adware, Spyware and Trojans at 09:51

Several election watch dog groups have sent an advisory to election officials warning them about a problem with Premier Election Solutions' vote tabulating software that could cause the system to lose votes.

Premier (formerly called Diebold Election Systems) disclosed the problem in August after officials in Butler County, Ohio, discovered that 150 votes were dropped from a memory card during the state's March primary. Ten other Ohio counties discovered their system had dropped votes as well when vote totals on the memory card were uploaded to a county server. The problem occurred when officials tried to upload multiple memory cards at once.

All of the votes were recovered, but Ohio officials had to expend considerable time and energy to retrieve them and make sure all were accounted for.

The flaw is in Premier's Global Election Management System (GEMS), which is used in at least 31 states. GEMS software sits on a computer system at a county's election headquarters and is used to tabulate votes cast on both touchscreen voting machines and optical-scan machines. Premier said the flaw was in versions 1.20.2 and earlier of the software, though other versions may be affected as well.

Premier initially blamed the problem on anti-virus software that Ohio counties installed on their servers. But that explanation, published last May in an advisory sent to election officials, was met with much skepticism by voting activists and computer experts.

On August 19, after Ohio Secretary of State Jennifer Brunner filed a suit against Premier to force the company to pay damages for the lost-vote incident, the company released a second advisory acknowledging that the problem was its software (.pdf). In the advisory, the company stated that the issue was a "sharing violation" problem.

Posted by Justin Payton in Adware, Spyware and Trojans at 14:14

Many companies are trying to prevent leakage of personal and classified information by building independent networks isolated from the Internet, as viruses are often transmitted via files attached to e-mail or those on the Internet. However, USB drives are often used on unspecified computers, so viruses can immediately spread.

Antivirus software maker Trend Micro Inc. has found that reported computer virus infections via USB flash memory drives more than doubled in September, Jiji Press learned.

Infections in the month with the Otorun worm, which propagates via removal drives such as USB drives, surged 140 percent from the previous month to 347 cases, Trend Micro said in a monthly survey report.

The company's monthly reports showed that viruses transmitted via USB drives began to rapidly increase in February, with the number of Otorun infections in January-June reaching 517, the most popular to far exceed 201 cases of the Agent, Trend Micro said.

Posted by Justin Payton in Adware, Spyware and Trojans at 10:33

The U.S. Army is flagging the popular blogging service Twitter as a potential terrorist tool, the Agence France-Presse news agency reported Sunday.

A recently released report by the 304th Military Intelligence Battalion contains a chapter entitled "Potential for Terrorist Use of Twitter," which expresses concern over the increasing use of Twitter by political and religious groups, the AFP reported.

"Twitter has also become a social activism tool for socialists, human rights groups, communists, vegetarians, anarchists, religious communities, atheists, political enthusiasts, hacktivists and others to communicate with each other and to send messages to broader audiences," according to the report.

Posted by Justin Payton in Adware, Spyware and Trojans at 17:12