Feeds

Judge rules against firm that lost $345k to bank trojan

Victim failed to secure account credentials

The essential guide to IT transformation

A federal magistrate judge has ruled against a small business that lost $345,000 in an online bank heist, arguing that the theft largely resulted from its own failure to secure its account credentials, according to published news reports.

Patco Construction Company sued Ocean Bank in 2009 after crooks used malware to siphon about $589,000 out of the company's account. Bank employees managed to recover about $243,000 of the pilfered funds, but held the small business responsible for the remainder. Patco asked a federal judge in Maine to hold the bank accountable for the loss, arguing bank employees should have recognized warning signs that the transactions were fraudulent.

This week's 70-page ruling (PDF) serves as a recommendation and still must be formally adopted by the judge overseeing the case. Still, it could serve as a harbinger of rulings to come. With the wide availability of malware generated from the ZeuS and SpyEye DIY kits, online bank heists have run rampant over the past few years, generating millions of dollars in losses.

Hanging in the balance is whether banks or end users should be on the hook for reimbursing those costs.

More from Bank Info Security, IDG News and KrebsOnSecurity is here, here and here. ®

Next gen security for virtualised datacentres

More from The Register

next story
Ice cream headache as black hat hacks sack Dairy Queen
I scream, you scream, we all scream 'DATA BREACH'!
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
KER-CHING! CryptoWall ransomware scam rakes in $1 MEEELLION
Anatomy of the net's most destructive ransomware threat
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
Three quarters of South Korea popped in online gaming raids
Records used to plunder game items, sold off to low lifes
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?