Re: [Full-disclosure] Is Your Online Bank Vulnerable To Currency Rounding Attacks?
- From: Jeffrey Walton <noloader@xxxxxxxxx>
- Date: Mon, 9 Jan 2012 13:41:51 -0500
On Mon, Jan 9, 2012 at 11:25 AM, ACROS Security Lists <lists@xxxxxxxx> wrote:
I believe the term is "arbitrage" (not rounding attacks).
Many online banks we've reviewed have been found to be vulnerable to the "currency
rounding attack". What's special about this attack? Not much, except that it seems to
be perfectly legal and allows one to make tens of thousands of EUR/USD per day. Read
about it in our blog and help your banks avoid it:
http://blog.acrossecurity.com/2012/01/is-your-online-bank-vulnerable-to.html
or
http://bit.ly/yp4idv
Jeff
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Follow-Ups:
- References:
- [Full-disclosure] Is Your Online Bank Vulnerable To Currency Rounding Attacks?
- From: ACROS Security Lists
- [Full-disclosure] Is Your Online Bank Vulnerable To Currency Rounding Attacks?
- Prev by Date: [Full-disclosure] McAfee "Relay Server" Product Installs Open Proxy On Consumer PCs
- Next by Date: Re: [Full-disclosure] Fwd: Rate Stratfor's Incident Response
- Previous by thread: [Full-disclosure] Is Your Online Bank Vulnerable To Currency Rounding Attacks?
- Next by thread: Re: [Full-disclosure] Is Your Online Bank Vulnerable To Currency Rounding Attacks?
- Index(es):
Relevant Pages
|
