Credit: Technology ReviewFrom Technology Review:
One-time passwords are vulnerable to new hacking techniques.
In mid-July, an account manager at Ferma, a construction firm in Mountain View, CA, logged in to the company's bank account to pay bills, using a one-time password to make the transactions more secure.
Yet the manager's computer had a hitchhiker. A forensic analysis performed later would reveal that an earlier visit to another website had allowed a malicious program to invade his computer. While the manager issued legitimate payments, the program initiated 27 transactions to various bank accounts, siphoning off $447,000 in a matter of minutes. "They not only got into my system here, they were able to ascertain how much they could draw, so they drew the limit," says Roy Ferrari, Ferma's president.
Read more ....
No comments:
Post a Comment