Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Complicated Method of Attack Designed to Control Users Online Banking

Security researchers of security firm Trend Micro warn that cybercriminals have designed a difficult method of attack to have control on the victim's online bank accounts.

Trend Micro recently released a report on "Operation Emmental" which is similar to the Swiss Emmental cheese (referring to Emmental) revealing that the security systems used by financial institutions are having holes. The operation uses Android malware which can beat two-factor authentication and can also deliver malicious code that changes DNS settings of an infected computer to make it to point to servers operated by attackers.

Saboteurs start the scheme by delivering malware via phishing attacks with malicious links or attachments which are designed to look like notifications from popular retailers.

Scmagazine.com published news on 22nd July, 2014 quoting the explanation of David Sancho, Senior Threat Researcher of Trend Micro as "users who fall for phishing trick are infected but not with the normal banking malware."

Sancho added that the malware only changes the configuration of user's computers and removes itself though changes are small but repercussions are big.

The malware installs a new root Secure Sockets Layer (SSL) certificate to make phishing pages look authentic and to prevent Web browser from warning victims when they are taken to these phishing websites. Trend Micro said that users are asked to provide all necessary details to authenticate on the phishing pages.

Trend Micro says that this complicated cyber-fraud also tricks users to install a fake Android app which works to weaken the multi-factor one-password system that may be in use.

The SMS sent by the bank never reaches the victim and so the victim clicks the "I didn't receive the SMS" link. Victims are tricked to install the fake mobile app which gives full control of victim's online banking sessions to attackers as it intercepts the session tokens sent via SMS to victim's phones which are then given to cybercriminals. Therefore, attackers get everything to fake the user's online banking transactions.

Investigators suspect that attackers may be Russian as some traces of Russian language have been found in the code of attack.

ยป SPAMfighter News - 7/31/2014

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page