Posted by Virus Bulletin on Aug 25, 2009
Anti-spam firm hopes to force banks to share more information on attacks.
Unspam Technologies, the company behind Project Honey Pot, has filed a lawsuit against unnamed 'John Does', who are thought to be responsible for stealing millions of dollars every month from US bank accounts through the use of malware. In 2007, Unspam filed a similar lawsuit against as-yet-unidentified spammers.
The purpose of this lawsuit, filed in a Federal District Court in Virginia, is to convince, or if necessary force banks to disclose information that will help unmask the identities of the crooks involved in cybercrime. Banks are known to be reluctant to share information about theft through phishing and malware, or even to admit that they have suffered from such theft, and it is believed that this works to the advantage of the criminals behind such attacks.
A second goal of the lawsuit is to find a 'chokepoint' in the systems used by banks that makes for easier abuse. Jon Praed, Unspam's attorney and an experienced anti-spam lawyer, said that one possibility would be that the information made available through the lawsuit will show that banks are only using single-factor authentication; in that case, it is hoped that the case would help strengthen the authentication processes used by the banking sector.
More on the story is at Computerworld here, with the complaint filed by Unspam Technologies here (PDF).
Posted on 25 August 2009 by Virus Bulletin