|
-
July 9th, 2004, 08:43 AM
#1
Rogue Dialers
Rogue Dialers - The Nets Latest Scamola!
E-Mail Print By: Robert Palmer
Friday July 09 2004, 00:07:00
http://www.desknet.co.uk
If recent news stories concerning worms, trojans and security exploits within Microsoft's Internet Explorer, left you feeling vulnerable, this will leave you terrified. PC's the world over are already being hit by a new breed of trojan type software called Rogue Dialers. More malevolent than most ordinary spyware, Rogue Dialers actually hijack the computer's modem and then uses it to dial-up a premium rate telephone number, racking up huge telephone charges. Many Dialers operate whilst the victim is actively surfing the Net by dropping the current connection and then performing an automatic reconnection via a premium rate number. Most scary of all, are the Dialers which connect themselves to a premium rate number while the victim is away from their machine; achieving this by detecting long periods of inactivity.
Most "infections" of Rogue Dialers are contracted by the "drive-by download" method, where-by the dialer software is automatically downloaded from a webpage without the victim ever being aware. This method of installing software onto a users PC was pioneered by the online, adult services industry as a way of putting spy and adware programs onto a customers PC without them knowing. Originally confined to adult websites, drive-by downloads of spyware used to be known as the Electronic Pox; a risk the end-user took when visiting adult websites. Of course, just like the first pop-up box, also developed by the adult industry, the rest of the Internet was soon to follow. Thanks to a glaringly obvious design flaw in Microsoft's Outlook Express, which allows emails, including those containing HTML and embedded malevolent code, to be previewed without any warning, Rogue Dialers can be placed onto a victims PC without them ever going near a website. Rogue Dialers are just the next generation of electronic misery which can be inflicted upon the end-user. Unfortunately for any victims, Rogue Dialers hit the pocket and they hit it hard!
In America, one victim of a Rogue Dialer scam racked up some $500 in charges after their modem was hijacked and a premium rate number was contacted on just six occasions. In the UK too, numerous victims have reported huge telephone charges, with some in excess of £1500 ($2800).
The consumer website, Bad Business Bureau has received over 1300 complaints from victims of this latest scam and, while this whole matter is being investigated by Federal Trade Commission in the States and by the Office of Fair Trading in the UK, scammers are already responding with new software which dials numbers in countries where trade controls are lacking.
A further blow has recently been delivered to UK based victims with announcements from the leading telecoms providers, BT and NTL, that they are "not responsible" for calls which have been made fraudulently and that customers will not be exempted from any charges incurred.
Protecting Yourself & Your Wallet
[gloworange]Firewalls and and anti-virus software WILL NOT provide protection against Rogue Dialer infections. The "drive-by download" method of introducing a Rogue Dialer onto a PC normally involves an ActiveX script and users are advised, at the very least, to set their browser settings to either disable ActiveX or warn of its existence.[/gloworange] For a more professional approach to protecting your modem, StopItNow, an Australian based software company has released a specific Rogue Dialer killer which retails for just $16.95.
To avoid having a Rogue Dialer dumped onto their computer via the preview pane of Outlook Express, users may want to consider an alternative email client such as the freeware program, Eudora.
Will norton updated with the latest defs, detect this trojan? If not why not?
Does anyone know about this new threat( or is it an old one? ) and how can it be avoided/detected?
-
July 9th, 2004, 08:46 AM
#2
How the heck do they get away with this crap??!! They should be jailed for life.
"Personality is only ripe when a man has made the truth his own."
-- Søren Kierkegaard
-
July 9th, 2004, 09:02 AM
#3
Based on what you know, would these dialers show up in Dial-up Networking (and Network Connections on XP) or can they hide themselves? Also, have any links where you got information on these? Thanks.
"Personality is only ripe when a man has made the truth his own."
-- Søren Kierkegaard
-
July 12th, 2004, 03:57 PM
#4
These dialers usually call an expensive (premium rate) number (0900? 0800?) and most Telcos will let you block access to those numbers if you call them.
Dutch lawmakers are investigating if they can make this illegal in Holland 
{edit} AFAIK these rogue dialers will show up in Dial-up networking, so they're easily removed. {/edit}
Oliver's Law:
Experience is something you don't get until just after you need it.
-
July 12th, 2004, 04:44 PM
#5
My experience with these dialers is with the more 'basic types' - Not the ones that will hijack an existing internet session.
The ones I have seen do not show up in DUN but can be seen in task manager.
Steve
IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
