Related Stories

  • Spam campaign makes offerings to Zeus
    The widespread banking trojan/botnet known as Zeus is continuing to throw its malware-infested thunderbolts at unsuspecting users, this time through a wide-net spam campaign.
  • Shylock malware dials up Skype
    The banking trojan known as Shylock is calling up more victims, thanks to a new propagation tactic of using Skype. It’s also added a few new features to worsen the infection.
  • Fake Google Chrome updates unleash banking trojan
    A ploy targeting consumers with bogus Google Chrome browser updates is spreading Zeus-like banking malware to unsuspecting web surfers.
  • High-end Citadel financial malware overtakes Zeus as king
    Citadel, which researchers say is essentially the Lamborghini of the financial information-stealing malware scene, is well on its way to overtaking Zeus and SpyEye as the go-to banking trojan after only being discovered earlier this month.
  • Win32/Gataka: a new banking trojan readies itself
    As if there aren't already enough banking trojans to worry about, with SpyEye and Zeus, Carberp and OddJob, ESET is now warning that Gataka (aka Tatanga) – another man-in-the-browser trojan – appears ready for take-off.

Top 5 Stories


Hackers steal thousands from Vancouver church

22 January 2013

The Ladysmith First United Church on Vancouver Island in Canada is missing $40,000 after a persistent cyber-attack on the organization.

According to the Nanaimo Daily News, the Royal Canadian Mounted Police are investigating a report that funds had been transferred out of the church’s bank account over the course of an ongoing effort.

“Somehow their account at one of the local financial institutions was compromised through the Internet,” Cpl. Tim Desaulniers of the Ladysmith RCMP detachment told the paper. “It’s very preliminary right now. It looks like it originated down East.”

Those alleged Eastern Canadian perpetrators waged their attack over the holiday season, but church authorities didn’t become suspicious until Dec. 27, when they reported the missing money to the police. Canadian Mounties say over a 10-day period in late December, there were six withdrawals from the church’s account made via online requests.

CTV News said that police are busy following the digital footprints of the culprits, and so far it appears that the hackers gained access via a church employee’s home computer, where they managed to sniff out log-in credentials and passwords for the church’s online banking site.

Desaulniers explained the fact that the attack was on a church over Christmas is likely an isolated situation, and that the attackers don’t appear to be particularly geared toward hitting churches.

It’s very likely that hackers were simply using a banking trojan in a consumer-focused info-stealing campaign and just happened to ensnare the church’s account details from the home computer. The incident brings into focus the necessity for staunch security measures when carrying out corporate or work-related activities online from a home or, worse, a public computer.

This article is featured in:
Application Security  •  Data Loss  •  Identity and Access Management  •  Internet and Network Security  •  Malware and Hardware Security


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×