This attack just goes to show you how many computers are not secured on the Internet. Before these attacks were launched, they created malicious replicas of each bank which would install malicious code on to the victim’s computer. The malicious software on the websites were based off of exploiting a Microsoft vulnerability….one that was patched last May.

Fifty financial institutions in Europe, the United States and the Asia-Pacific region were hit with a well crafted pharming attack this week.

In preparation for the attacks, hackers created mock pharming websites for each financial institution they targeted, according to press reports from the IDG News Service.

Researchers from Websense told the wire service that attackers lured victims to a website hosting malicious code that exploited a patched Microsoft vulnerability.

Microsoft patched the flaw last May. The vulnerability requires a user to only visit a website to have his or her PC infected by malware.[more]

Tags: Malware, Identity Theft