The wonders of the human mind. :|
Ingenuity comes in many forms, with the old cliché being “Necessity is the mother of all invention.” For the bad folks, the necessity is grabbing our banking information, identity, or anything else of value from our computers.
While Energizer has no idea as of yet how the Trojan software was planted in their device’s monitoring software package, it is now pretty much out in the open that their product did indeed deliver a Trojan to folks’ computers if they installed it.
A while back, USB-based electronic picture frames were delivering malicious software to folks’ systems too.
- ComputerWorld Security: Energizer Bunny's software infects PCs.
- ZD Net Zero Day: Energizer battery charger contains backdoor.
It is getting to the point where we need two systems, whether one physical and one virtual or otherwise, so that we can split off the extremely important things such as online banking to a Vista/Win 7 box with UAC enabled, Standard User permissions, and _NO_ e-mail or other browsing allowed.
Obviously, the VM OS would be used to run the daily tasks with the host being the exclusive banking and sensitive transaction machine.
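A posture check for that dedicated banking box, as an added example that is not part of the original post. It assumes the standard registry locations for the UAC and AutoRun policy values and only reads and reports them; the Outlook App Paths key is used as a stand-in for “no e-mail client installed” and is an assumption about what counts as a clean box. Run it in a non-elevated PowerShell session as the account that will actually be used for banking.

```powershell
# Added example: audit a "banking only" Vista/Win 7 box against the rules above
# (UAC on, Standard User, no e-mail, nothing delivered by AutoRun). Read-only.
function Test-BankingBoxPosture {
    $findings = @()

    # UAC: EnableLUA = 1 means UAC is on; anything else means it was switched off.
    $sysPol = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $enableLua = (Get-ItemProperty -Path $sysPol -Name EnableLUA -ErrorAction SilentlyContinue).EnableLUA
    if ($enableLua -ne 1) { $findings += 'UAC is disabled (EnableLUA is not 1).' }

    # Standard User: the session should not carry an administrator token ...
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    if ($principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
        $findings += 'Current session holds an administrator token; use a Standard User account.'
    }
    # ... and the account itself should not sit in local Administrators, even if UAC
    # has filtered the token for this particular session.
    $adminGroup = [ADSI]'WinNT://./Administrators,group'
    $members = @($adminGroup.Invoke('Members') |
        ForEach-Object { $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null) })
    $userName = $identity.Name.Split('\')[-1]
    if ($members -contains $userName) {
        $findings += "Account $($identity.Name) is a member of local Administrators."
    }

    # AutoRun: picture frames and similar USB devices hand over their payload on
    # insertion when AutoRun is enabled. NoDriveTypeAutoRun = 0xFF (255) disables
    # AutoRun for every drive type.
    $explPol = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    $noAutoRun = (Get-ItemProperty -Path $explPol -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
    if ($noAutoRun -ne 255) { $findings += 'AutoRun is not fully disabled (NoDriveTypeAutoRun is not 0xFF).' }

    # No e-mail: assumption for this example, treat a registered Outlook App Path
    # as evidence that a mail client lives on the banking box.
    $outlookPath = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\OUTLOOK.EXE'
    if (Test-Path $outlookPath) { $findings += 'Outlook is installed; the banking box should have no e-mail client.' }

    return $findings
}

$result = Test-BankingBoxPosture
if ($result.Count -eq 0) {
    Write-Output 'Banking box posture: OK'
} else {
    Write-Output 'Banking box posture: FINDINGS'
    $result | ForEach-Object { Write-Output " - $_" }
}
```

The script deliberately changes nothing; the point is to confirm the box still matches the rules before each banking session, since a single “just this once” browse or an admin login quietly undoes the split.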
- Jesper M. Johansson on TechNet: I Got Hacked. Now What Do I Do?
We flatten. We format and reset that drive to “0”, leaving no sector unturned.
If the system’s owner refuses to allow that and requires us to “clean” a Trojan- or rootkit-infected machine, we get them to sign a liability waiver that exonerates us before they walk out the door.
There are absolutely _NO_ guarantees when it comes to “cleaning” a system that had a backdoor in it. None. Nada. Zippo. Zilch.
The same goes for a compromised DC by the way.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book