HSBC banking web site trojan
Peter Tomlinson
pwt at iosis.co.uk
Sun Aug 16 09:19:00 BST 2009
Mary Hawking wrote:
> In message
> <mailman.2.1250405286.30815.ukcrypto at chiark.greenend.org.uk>,
> ukcrypto-request at chiark.greenend.org.uk writes
>> Rupert Goodwins at ZDNet UK spent much of the day trying to find out
>> from HSBC PR what was going on.
>>
>> http://bit.ly/IrOUj
>>
>> has the results: the bank says that the problem is false alarms from
>> Kaspersky's a-v software.
>>
>> wg
> Do/should we believe them - especially as Peter actually captured the
> Trojan?
> And if they are to be believed, and there was no Trojan, where did the
> Trojan Peter caught come from?
I'm more inclined to think that, if indeed there was no Trojan, this
could have been a signature clash between whatever HSBC was sending as
part of the web page and some section of the Trojan that Kaspersky's
database had analysed.
Peter
More information about the ukcrypto
mailing list