Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
An analysis into the use of financial malware has shown that despite a fall in the number of new programs detected criminals are still managing to beat security measures designed to stop fraud.
The study found that discoveries of malware aimed at banks and other financial groups is trending downwards this isn’t reflected in a reduced threat. Rather the threats are increasing as malware writers are getting smarter.
“Financial institutions around the world are seeing increasing losses from cybercrime,” wrote Roel Schouwenberg, senior antivirus researcher at Kaspersky Labs.
“Investing in better security costs a lot of money. However, this is a choice that banks clearly have to make.”
C notes that attack vectors have changed significantly in the last year, with far less reliance on easily blocked spam containing malware to attack code being embedded in web pages.
This is in line with other software attacks but what differentiated the malware for finance houses is its sophistication. Traditional keylogging software is now being replaced by Trojans, that can download ever more complex spying tools.
For example, two factor authentication for online banking (the use of a hardware token in addition to a secret password) is increasingly ineffective, as malware writers have perfected the tools to get around it by redirecting the user to a separate server to harvest the necessary access information in real time – the so called ‘man in the middle’ attack.
This defeats the two factor process but malware writers have taken the process a step further with a new ‘man in the endpoint’ attack. This eliminates the need for a separate server by condiucting the entire attack on the user’s machine.
“There are several significant advantages to this approach,” Schouwenberg explains.
“Firstly, there's a direct connection with the financial organisation so there's no chance of a transaction being tagged simply because a user has l ogged on from an unknown IP address. Secondly, a MitE will have a better success rate than a MitM attack if used against a system which employs complex defences.”
The situation is being aided by the increasing use of ‘money mules’, people who are recruited to act as recipients of stolen funds and pass them on in the form of eGold or moneygram certificates to the fraudster in exchange for a 10-15 per cent discount.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.