“Customers who use a number of the top online banking sites are at risk of falling prey to a new Web-based attack that snatches user IDs and passwords for these sites. Among the sites targeted by the attack are some owned by Citibank, Deutsche Bank and Barclays Bank.” In a recent article by eWEEK writer Dennis Fisher, he discussed Pop-Up Programs Snatching Banking Passwords.
Now his colleague, Steve Gillmor, goes one further and details additional threats that come free of charge courtesy of Microsoft Explorer’s reliance on Active X scripting. In a nutshell, Active X is used to facilitate many tasks – the computer just goes off on its own and does stuff that’s supposedly helping the consumer. Only, when it gets exploited by malicious hackers, it does useful stuff for them, like logging your every key stroke.