This one is ugly - Sinowal Trojan

General discussion of identity theft issues, including identity theft schemes, phishing scams, and related issues.
Judge Roy Bean
Judge for the District of Quatloosia
Judge for the District of Quatloosia
Posts: 3704
Joined: Tue May 17, 2005 6:04 pm
Location: West of the Pecos

This one is ugly - Sinowal Trojan

Post by Judge Roy Bean »

http://www.rsa.com/blog/blog_entry.aspx?id=1378

It's been out there for years - an excerpt says a lot:
The sheer volume of data stolen by Sinowal is extraordinary
Just a single Trojan, operated by just one group of fraudsters, has been able to infect hundreds of thousands of computers, compromising and stealing information from their users’ accounts.

The compromised data belongs to customers of hundreds of financial institutions within many regions of the world. We have seen affected financial institutions within North America (both the United States and Canada), Europe (United Kingdom, France, Spain, Germany, the Netherlands, Italy and others), Asia Pacific (Australia, China, Malaysia, and others) as well as some countries in Latin America. However, we found that no Russian accounts were compromised by Sinowal.

In the past six months alone, the Sinowal Trojan has compromised and stolen login credentials and other information of more than 100,000 online bank accounts.
The Honorable Judge Roy Bean
The world is a car and you're a crash-test dummy.
The Devil Makes Three
compton

Re: This one is ugly - Sinowal Trojan

Post by compton »

:Axe: Hi! I had the same problem with a trojan and it was horrible. I hate this virus; I found a program, actually an old version of antivirus but it works cool kaspersky version 7 I hope it'll be ok for you
Nikki

Re: This one is ugly - Sinowal Trojan

Post by Nikki »

I really miss the days when the only time a person needed to worry about trojans was on date nights.
fortinbras
Princeps Wooloosia
Posts: 3144
Joined: Sat May 24, 2008 4:50 pm

Re: This one is ugly - Sinowal Trojan

Post by fortinbras »

Dealing with an enitrely different trojan whose name I do not know -- but it redirected my browsers at the last instant to a variety of shabby shopping websites -- I had tried without luck several strategies to eliminate it - system restore, Ad-Aware, AVG, Trojan Killer, Anti-Vir, even Fix-It Utilities 10 (which costs $40), without any luck. Then my computer repairman suggested the freeware MALWAREBYTES. Downloadable from a number of reputable sites. Worked like a charm!
User avatar
Pottapaug1938
Supreme Prophet (Junior Division)
Posts: 6107
Joined: Thu Apr 23, 2009 8:26 pm
Location: In the woods, with a Hudson Bay axe in my hands.

Re: This one is ugly - Sinowal Trojan

Post by Pottapaug1938 »

alshidaa wrote:How to allow a Trojan into my computer? What I want to execute on my computer is not a trojan, but Mcafee thinks it is. I just want to allow this one program to run, but it won't let me. I KNOW for a fact it is not a trojan, so don't tell me I might be wrong.
You say that you KNOW; but how about letting the rest of us know why as well? You are telling us that we are wrong about Sinowal not being a trojan; so convince us, if you can.
"We've been attacked by the intelligent, educated segment of the culture." -- Pastor Ray Mummert, Dover, PA, during an attempt to introduce creationism -- er, "intelligent design", into the Dover Public Schools
Nikki

Re: This one is ugly - Sinowal Trojan

Post by Nikki »

alshidaa wrote:How to allow a Trojan into my computer? What I want to execute on my computer is not a trojan, but Mcafee thinks it is. I just want to allow this one program to run, but it won't let me. I KNOW for a fact it is not a trojan, so don't tell me I might be wrong.
Have you inspected every line of executable code in this program to ensure that it hasn't been modified to include a lethal payload?

If you're that certain, (assuming you're trying to pull this down from the Internet) instead of directly running it, do a 'save as' giving it a file extension other than something which McAfee recognizes as an executable. Once it's downloaded, you can rename it and run it.

But first, do a 100% backup and create an emergency rebuild disc.
Arthur Rubin
Tupa-O-Quatloosia
Posts: 1753
Joined: Thu May 29, 2003 11:02 pm
Location: Brea, CA

Re: This one is ugly - Sinowal Trojan

Post by Arthur Rubin »

Nikki wrote:If you're that certain, (assuming you're trying to pull this down from the Internet) instead of directly running it, do a 'save as' giving it a file extension other than something which McAfee recognizes as an executable.
McAfee? Recognize?? McAfee is known for the worst recognition rate in the industry, and in order to disinfect a virus, as oppose to deleting infected files, you need to know what it is.
Arthur Rubin, unemployed tax preparer and aerospace engineer
ImageJoin the Blue Ribbon Online Free Speech Campaign!

Butterflies are free. T-shirts are $19.95 $24.95 $29.95
Demosthenes
Grand Exalted Keeper of Esoterica
Posts: 5773
Joined: Wed Jan 29, 2003 3:11 pm

Re: This one is ugly - Sinowal Trojan

Post by Demosthenes »

fortinbras wrote:Dealing with an enitrely different trojan whose name I do not know -- but it redirected my browsers at the last instant to a variety of shabby shopping websites -- I had tried without luck several strategies to eliminate it - system restore, Ad-Aware, AVG, Trojan Killer, Anti-Vir, even Fix-It Utilities 10 (which costs $40), without any luck. Then my computer repairman suggested the freeware MALWAREBYTES. Downloadable from a number of reputable sites. Worked like a charm!
I've been using MalwareBytes for about two years, in combination with AVG. MalwareBytes kicks ass.
Demo.
User avatar
Pottapaug1938
Supreme Prophet (Junior Division)
Posts: 6107
Joined: Thu Apr 23, 2009 8:26 pm
Location: In the woods, with a Hudson Bay axe in my hands.

Re: This one is ugly - Sinowal Trojan

Post by Pottapaug1938 »

Demosthenes wrote:
fortinbras wrote:Dealing with an entirely different trojan whose name I do not know -- but it redirected my browsers at the last instant to a variety of shabby shopping websites -- I had tried without luck several strategies to eliminate it - system restore, Ad-Aware, AVG, Trojan Killer, Anti-Vir, even Fix-It Utilities 10 (which costs $40), without any luck. Then my computer repairman suggested the freeware MALWAREBYTES. Downloadable from a number of reputable sites. Worked like a charm!
I've been using MalwareBytes for about two years, in combination with AVG. MalwareBytes kicks ass.
MalwareBytes works well for me, as well.
"We've been attacked by the intelligent, educated segment of the culture." -- Pastor Ray Mummert, Dover, PA, during an attempt to introduce creationism -- er, "intelligent design", into the Dover Public Schools