• Networking

  • Malware steals Lebanese e-banking information

The virus has infected more that 2,500 computers, mainly in Lebanon, according to the Russian security firm Kaspersky Lab. It is designed to spy on customers of the Lebanese banks BlomBank, ByblosBank and Credit Libanais, analysis showed. Citibank and PayPal customers have also been targeted, Kaspersky Lab said.
Source: http://www.telegraph.co.uk/technology/internet-security/9466718/Cyber-espionage-virus-targets-Lebanese-banks.html
nothing new, 90% of lebanese websites can easily be hacked, the other 10% requires a bit more work, until we start teaching ethical hacking and hiring ethical hackers. anyone can hack anything. hell we don't have dedicated servers in lebanon and we are hosting everything in usa or europe how can you protect your data if you are giving it to someone else you can't trust? we're not even teaching system administration... i don't hate the hackers, they are doing their job, we are not doing our job in protecting our websites
No that's not it.

I don't know who edited my post but this is clearly not an online e-banking thing. The article title is

Cyber espionage virus targets Lebanese banks

and so was the title of my original post (that got also edited).

If it's based on Stuxnet, this is not a small online hack, it's a full-blown mother-of-god sophisticated trojan that they repurposed for Lebanese bank systems.
Yes, you're right, from the Kapsersky release, it looks like it only targets users of the e-banking solutions, not the banks computers themselves.
That's why payment on delivery is the best option when it comes to online shopping.
That's why payment on delivery is the best option when it comes to online shopping.
Maybe for the consumer, but it's definitely not the best option for businesses. For example, refunds are more costly and harder to deal with given the additional transportation cost. You also run into money management issues as you're entirely cash-based.
Please, if someone gets his hands on a sample of that malware, pass it on :)
Given the horrible security they have; they should not be allowed to host such services in the first place.
samer wrote
That's why payment t on delivery is the best option when it comes to online shopping.
Maybe for the consumer, but it's definitely not the best option for businesses. For example, refunds are more costly and harder to deal with given the additional transportation cost. You also run into money management issues as you're entirely cash-based.
That is true but a seller's job is to satisfy the consumer and there always consequences to be made no matter what.
If I was a seller, I would rather have my customers trust me rather than hesitate wheather to buy or not because of submitting credit card info.
I think the customer will be much more satisfied if there wasn't any risk of handing any credit card information, don't you ?
I would rather have my customers trust me rather than hesitate wheather to buy or not because of submitting credit card info.
That is a good point. However, this does not prove that we should be using Payment on Delivery indefinitely. A seller like PCandParts (who is widely trusted these days) should progressively shift to credit cards. A good success story in the arab world is GoNabIt (daily deals site acquired by LivingSocial). They used to work exclusively with credit cards. Their Lebanese sales were relatively good (a dozen to a couple of hundred coupons sold for each deal).
I think the customer will be much more satisfied if there wasn't any risk of handing any credit card information, don't you ?
The risk exists, but is over-rated. This paranoia is handicapping the regional e-commerce sector. Visa and Mastercard authenticate individual transactions and are good at it. We need to educate customers to get over this irrational fear.
Are there any regional efforts to bring new payment options a la Paypal or, even better, Square?
Paypal is not linked to any regional context, the parliament needs to approve the electronic signature draft otherwise we can only dream of having access to that service.
i agree with samer, just because this gauss malware exists, doesn't mean that we should stop using credit cards, our PCs are infected with a million virus, we play cracked games, we use cracked software, hell we even use cracked antivirus , or free antivirus, a free antivirus is shit, you get what you pay for, and we pay for nothing, pirated mp3s and movies, everything we download contains a malware, every cracked software we have contains a malware, even google images is full of malware, i once heard a scientist saying that 90% of images that you find on google images contains a malware.

the other issue we face is that lebanese people don't know how to identify spams, many of them check the spams folder, most of lebanese people use hotmail which has the worst spam filter, spams go to the inbox and they check it, spams even go sometimes to gmail's inbox, lebanese people check everything because they don't know how to identify spams.

In short lebanese people don't know how to secure their computers, and you don't have to be a hacker to hack them, my friend hacked many credit cards 2 years ago using team viewer. we have to educate people, every pc in lebanon is infected with a malware. Don't create a hoax.

"The three golden rules to ensure computer security are: do not own a computer; do not power it on; and do not use it" - Robert Morris
rahmu wroteAre there any regional efforts to bring new payment options a la Paypal or, even better, Square?
Not really.

So far the only facility businesses have is Netcommerce (if you forget Audi and the deals they have with some of their customers). And truth be told, if Netcommerce did a little work in "cleaning" up their service, offering a few more solutions, making it look a little more professional, the outlook of the local online business would be different.

As for personal payments like Paypal, correct me if I'm wrong, but I think Moneybookers allows some of that. It's a painful process at first (verifying your identity, bank account, etc), but then it's usable.
I would rather have my customers trust me rather than hesitate wheather to buy or not because of submitting credit card info.
That is a good point. However, this does not prove that we should be using Payment on Delivery indefinitely. A seller like PCandParts (who is widely trusted these days) should progressively shift to credit cards.
They've been impermeable to this kind of change for years. They don't accept checks even from their largest accounts. They have an excellent service though.

On an international level, Lebanon is still flagged as a country not to make extended online business with (even Amazon only allows certain items to be shipped) and I don't see that change anytime soon unless the government does something (such as an international banking PR campaign or such). I think it has less to do with the political situation of the country.
the other issue we face is that lebanese people don't know how to identify spams, many of them check the spams folder, most of lebanese people use hotmail which has the worst spam filter, spams go to the inbox and they check it, spams even go sometimes to gmail's inbox, lebanese people check everything because they don't know how to identify spams.
True, but the focus of current spam is not so much local and does not target Lebanese or Arabs in particular. It's an international thing. Actually, I would say Lebanese are usually above the curve.
In short lebanese people don't know how to secure their computers, and you don't have to be a hacker to hack them, my friend hacked many credit cards 2 years ago using team viewer. we have to educate people, every pc in lebanon is infected with a malware. Don't create a hoax.
That's exaggerated. I don't know a single PC owner who doesn't have some sort of antivirus installed (well I don't but I'm on a Mac). As for hacks, how many of them work without direct access to the machine?
True, but the focus of current spam is not so much local and does not target Lebanese or Arabs in particular. It's an international thing. Actually, I would say Lebanese are usually above the curve.
when i talked about spams, i didn't say that they target lebanese people, i just gave an example to talk about the naivety of people when it comes to securing their PCs.

I don't know a single PC owner who doesn't have some sort of antivirus installed
everyone has an antivirus, they have a free antivirus, (free = useless) or a cracked version, (cracks contain trojan horses) tell me do you personally pay 200$ for your antivirus? and no one knows what's the best antivirus and what's a bad antivirus, in short, the antivirus that we use are either useless or maybe even dangerous because they contain trojan horses!