Monday, November 12, 2012

A new type of attack on custom software

The new type of attack is called "man-in-the-browser", or the "universal man-in-the-browser attack".

This type of attack was reported by Trusteer specialists in their blog.

In this attack, once the virus has been introduced into the operating system or an application, it also installs a special browser extension. This extension runs every time the browser starts. After that, in a general attack, for every web page loaded in the browser the virus checks whether the page address is on a list of target sites. If the site is on this list, the extension intercepts or modifies the data that the user enters into web forms, such as registration details or financial information.

Thus, the malware takes control of all traffic between the user's computer and the web server serving a specific site. This allows hackers to intercept online banking login passwords, or to replace transaction data so that funds are redirected to the attackers' account.

Trusteer experts demonstrated a new, universal type of "man-in-the-browser" attack. The universal attack is not aimed at specific sites: in this type of attack, the malicious browser extension collects all the data entered by the victim on any website. It does not require additional processing of the collected information to isolate authentication data and other data of interest to the hacker; that is, the "universal man-in-the-browser attack" is carried out in real time.

Gathering in real time all the information a user enters when visiting a site significantly enhances hackers' ability to break into financial accounts. Previously, hackers using "man-in-the-browser" attacks were limited by the number of target sites, or they needed to spend more time extracting identity data from the mass of information collected. Now the captured data can be used immediately, for example to make illegal transfers at once, or sold on the "black" market. "Fresh", up-to-date information is always the most valuable to hackers.
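Because the universal variant depends on an extension that runs on every page the user opens, one defensive check is to list which installed extensions have access to all sites. The following is an added example, not code from the post or from Trusteer; it assumes Chromium-style `manifest.json` files (the post names no browser), and the sample manifests are constructed.

```python
import json
from pathlib import Path

# Match patterns that give an extension access to every site.
BROAD_PATTERNS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def broad_access(manifest):
    """Return (location, pattern) pairs for host access that covers all sites."""
    findings = []
    # Content scripts are injected into every page whose URL matches.
    for i, script in enumerate(manifest.get("content_scripts", [])):
        for pattern in script.get("matches", []):
            if pattern in BROAD_PATTERNS:
                findings.append((f"content_scripts[{i}]", pattern))
    # Manifest V2 puts host patterns in "permissions"; V3 uses "host_permissions".
    for key in ("permissions", "host_permissions"):
        for pattern in manifest.get(key, []):
            if isinstance(pattern, str) and pattern in BROAD_PATTERNS:
                findings.append((key, pattern))
    return findings

def audit(manifests):
    """Map extension name -> findings, keeping only extensions with broad access."""
    report = {}
    for manifest in manifests:
        hits = broad_access(manifest)
        if hits:
            report[manifest.get("name", "<unnamed>")] = hits
    return report

def load_manifests(extensions_dir):
    """Read <id>/<version>/manifest.json files under a profile's Extensions folder."""
    paths = sorted(Path(extensions_dir).glob("*/*/manifest.json"))
    return [json.loads(p.read_text(encoding="utf-8")) for p in paths]

# Constructed sample manifests (not taken from any real extension).
SAMPLES = [json.loads(text) for text in (
    '{"name": "Form Helper", "manifest_version": 2, "permissions": ["tabs", "http://*/*"],'
    ' "content_scripts": [{"matches": ["<all_urls>"], "js": ["c.js"]}]}',
    '{"name": "Bank Toolbar", "manifest_version": 2,'
    ' "content_scripts": [{"matches": ["https://bank.example/*"], "js": ["t.js"]}]}',
    '{"name": "Reader", "manifest_version": 3, "host_permissions": ["*://*/*"]}',
)]

if __name__ == "__main__":
    for name, hits in audit(SAMPLES).items():
        print(name, hits)
```

All-site access is also requested by many legitimate extensions, so the output is a review list of extensions to verify against what the user knowingly installed, not a verdict.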

According to the press release.
