A form of Internet threat related to Man-in-the-Middle attacks, Man-in-the-Browser (MitB) Trojans can be as damaging as they are hard to detect and get rid of. Fortunately, solutions exist for protecting against, detecting and mitigating the effects of such Trojans.
The main threat posed by a MitB Trojan is that it can hijack a user's session in the Web browser. It is a popular tool among hackers and fraudsters because it is easily propagated through drive-by downloads or social networking Web sites. In addition, it can often remain unseen on the infected computer for lengthy periods of time, giving attackers ample time to act.
Among the most widespread MitB Trojans are the famous Zeus and ZBot. Information security firm Entrust also identifies SpyEye and URLZone as common MitB strains.
RSA recommends four specific layers of defense for protection against MitB Trojans, and against Trojans in general:
- Transaction monitoring : Monitor transactions post-login to detect unusual behavior that may indicate a fraud attempt or Trojan activity
- Out-of-band authentication : Verify transactions that are high-risk using authentication that circumvents traditional channels used by cybercriminals
- Trojan detection and shut down : Identify and shut down infection points, update points, and drop sites that distribute, update, and collect stolen information from Trojans
- Trojan intelligence : Gain insight on users, credentials, and accounts that may have been compromised by a Trojan
Transaction monitoring can come as a software solution that analyzes user behavior when conducting online transactions. It can prompt the user to use advanced options, such as out-of-band authentication, in the case of high-risk transactions.
Out-of-band authentication refers to authentication of the user by means other than the browser. A common, easy-to-implement and efficient out-of-band authentication solution is an automated telephone service that identifies the user by voice, in addition to the credentials transmitted through the Web browser. This ensures that no Trojan or third party interferes with the transaction.
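The two preceding paragraphs (transaction monitoring and out-of-band authentication) can be combined as in the sketch below. It is an added example, not code from RSA or any product named in the article; the data model, score weights, threshold and sample history are all assumptions made for illustration.

```python
from dataclasses import dataclass
from statistics import median

@dataclass(frozen=True)
class Transfer:
    user: str
    payee: str
    amount: float

# Constructed sample data: completed transfers per user (the behavioural baseline).
HISTORY = {
    "alice": [Transfer("alice", "ACME-UTIL", 80.0),
              Transfer("alice", "LANDLORD", 950.0),
              Transfer("alice", "ACME-UTIL", 75.0)],
}

RISK_THRESHOLD = 50  # assumed cut-off above which step-up is required

def risk_score(t, history):
    """Score a post-login transfer against the user's own past behaviour."""
    past = history.get(t.user, [])
    if not past:
        return 100                      # no baseline at all: treat as high risk
    score = 0
    if t.payee not in {p.payee for p in past}:
        score += 50                     # payee never seen for this user
    typical = median(p.amount for p in past)
    if t.amount > 5 * typical:
        score += 40                     # far above the user's usual amount
    elif t.amount > 2 * typical:
        score += 20
    return score

def decide(t, history=HISTORY):
    """Return ('allow', None) or ('out_of_band', challenge_text)."""
    if risk_score(t, history) < RISK_THRESHOLD:
        return "allow", None
    # The challenge quotes the values the server received, so the user hears
    # them over the second channel (e.g. the phone call) rather than reading
    # them in a browser that may be compromised.
    return "out_of_band", f"Confirm transfer of {t.amount:.2f} to {t.payee}?"

if __name__ == "__main__":
    for tr in (Transfer("alice", "ACME-UTIL", 82.0),
               Transfer("alice", "NEW-PAYEE-001", 4000.0)):
        print(tr, "->", decide(tr))
```

Low-risk transfers pass without friction, while a transfer that deviates from the baseline is held until it is confirmed outside the browser.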
Of course, circumventing the Trojan with these tools does not get rid of it. Anti-virus software and other detection and cleaning tools, as always, are a necessity for suppressing the threat and ensuring the computer is really safe.