- Anzeigen -


Sie sind hier: Home » Markt » World-wide News » Products & News

110609_wor_akt_imperva


Rubrik: World-wide News/Products & News
Boy-in-the-Browser Gets Aggressive by Evading Anti-Malware
"It all Starts With a Simple, Innocent-Looking Phishing Email"
(09.06.11) - Imperva warns Boy-in-the-Browser (BITB) attacks are gaining force as they continue to evade traditional anti-malware software. Tomer Bitton, from the Imperva Application Defense Center, explains, "Many are familiar with Man-in-the-Browser (MitB) attacks, but most are unaware of the lesser known Boy-in-the-Browser (BitB). Not as sophisticated as MitB, BitB malware has evolved from traditional key loggers and browser session records. The recent spate of BitB trojans that targeted Chilean banks, and their customers, demonstrates that this type of attack is gaining force and continues to evade traditional anti-malware software."Talking you through the steps of an attack, Tomer outlines how it shapes up, "It all starts with a simple, innocent-looking phishing email that encourages the user to click a link to visit a website for more details. However, rather than then asking the user to divulge personal details - which most are now wise to, it instead tells the user that they need to download the latest version of Adobe Flash Player to view the page. Most users will be duped into believing this and will click the link. However, rather than receiving the latest version of Flash, they"re actually downloading malware. Once 'installed' the flash-player Trojan writes itself to the registry, then asks the user to 'Run' the programme, which allows it to survive the reboot and infects the machine. To avoid detection, the Trojan creates the new hosts file as read-only file."Explaining the consequences of having infected the machine with the malware, Tomer continues, "From this point, the malware overwrites the users file mapping of hostnames (URL) to network address (IP) mechanism. The next time the user tries to connect to a banking application, or other frequently visited URL, the Trojan instead redirects the user to a fake site controlled by the criminals, which mimics the real site. Often it is so cleverly done that the user would struggle to tell the difference. However it is here that the credentials are stolen, or the user is duped into completing a bogus transaction." (Imperva: ma)

Rubrik: World-wide News/Products & NewsBoy-in-the-Browser Gets Aggressive by Evading Anti-Malware"It all Starts With a Simple, Innocent-Looking Phishing Email"(09.06.11) - Imperva warns Boy-in-the-Browser (BITB) attacks are gaining force as they continue to evade traditional anti-malware software. Tomer Bitton, from the Imperva Application Defense Center, explains, "Many are familiar with Man-in-the-Browser (MitB) attacks, but most are unaware of the lesser known Boy-in-the-Browser (BitB). Not as sophisticated as MitB, BitB malware has evolved from traditional key loggers and browser session records. The recent spate of BitB trojans that targeted Chilean banks, and their customers, demonstrates that this type of attack is gaining force and continues to evade traditional anti-malware software."Talking you through the steps of an attack, Tomer outlines how it shapes up, "It all starts with a simple, innocent-looking phishing email that encourages the user to click a link to visit a website for more details. However, rather than then asking the user to divulge personal details - which most are now wise to, it instead tells the user that they need to download the latest version of Adobe Flash Player to view the page. Most users will be duped into believing this and will click the link. However, rather than receiving the latest version of Flash, they"re actually downloading malware. Once 'installed' the flash-player Trojan writes itself to the registry, then asks the user to 'Run' the programme, which allows it to survive the reboot and infects the machine. To avoid detection, the Trojan creates the new hosts file as read-only file."Explaining the consequences of having infected the machine with the malware, Tomer continues, "From this point, the malware overwrites the users file mapping of hostnames (URL) to network address (IP) mechanism. The next time the user tries to connect to a banking application, or other frequently visited URL, the Trojan instead redirects the user to a fake site controlled by the criminals, which mimics the real site. Often it is so cleverly done that the user would struggle to tell the difference. However it is here that the credentials are stolen, or the user is duped into completing a bogus transaction." (Imperva: ma)
- Anzeigen -





Kostenloser IT SecCity-Newsletter
Ihr IT SecCity-Newsletter hier >>>>>>

- Anzeigen -


Meldungen: Products & News

  • NTP amplification attacks

    Prolexic Technologies specialist in Distributed Denial of Service (DDoS) protection services, now part of Akamai, issued a high alert threat advisory on NTP amplification DDoS attacks. This attack method has surged in popularity this year, fueled by the availability of new DDoS toolkits that make it simple to generate high-bandwidth, high-volume DDoS attacks against online targets.

  • Launching Crippling Reflection Attacks

    Prolexic Technologies, specialist in Distributed Denial of Service (DDoS) protection services, issued a high alert DDoS attack threat advisory on the DNS Flooder v1.1 toolkit. The toolkit makes it faster and easier for malicious actors to launch crippling reflection attacks and will likely be widely adopted in the DDoS-as-a-Service market, potentially increasing the number of attacks.

  • 110609_wor_akt_imperva

    Imperva warns Boy-in-the-Browser (BITB) attacks are gaining force as they continue to evade traditional anti-malware software. Tomer Bitton, from the Imperva Application Defense Center, explains, "Many are familiar with Man-in-the-Browser (MitB) attacks, but most are unaware of the lesser known Boy-in-the-Browser (BitB). Not as sophisticated as MitB, BitB malware has evolved from traditional key loggers and browser session records.

  • 110621_wor_akt_trusteer

    Co-operative Financial Services (CFS) has launched a new free service that protects its customers against the threat of online attacks from fraudsters and cyber criminals. The service called "Trusteer Rapport" provides customers with additional protection for their personal information when they use their computer to access their bank account online. Rapport will also warn customers of further risks such as phishing attacks; prevent Trojans from capturing their details and inhibit any interference with online communications.

  • 110624_wor_akt_imperva