« Comdom Software Announces... | Main | Virtualization Comes to... »

"Man In The Browser" Attacks Increasing

Filed in archive Security measures by Sue Walsh on November 26, 2007

A new generation of malicious code is being used in increasingly frequent attacks on banking sites. The technique is called "Man in the Browser" and involves Pharming, which is the practice of redirecting users to a fake website that looks like the legit site of a bank. The cybercrimal is able to infect redirected user's PC's with a code that is only triggered when the user visits the actual banking site. The user's login information is captured and sent to an FTP site for storage and eventual sale.

"With the enhancements that banks have deployed in terms of authentication security on their online banking sites, phishing attacks are becoming less and less effective and attacks of the 'Man in the Browser' are set to increase," says F-Secure's Chief Research Officer Mikko Hypponen.

The most effective tool to prevent such attacks appears to be security products that use behavioral analysis because the malicious codes are tailored for specific banks rather than being mass distributed. This new technique will prove challenging to security software publishers attempting to index threats.

Permalink: "Man In The Browser" Attacks Increasing
Tags: malware phishing security pharming online banking cybercriminals spyware viruses spam browser+attack

Trackback: http://www.creative-weblogging.com/cgi-bin/mt-tb.pl/103961

Spyware-Ranking: 67 Prozent Adware - 20 Februar 2007

Phishing for Fun and Destruction - 16 August 2007

New Editor Here! - 01 October 2007

Search Engines Unwary Bridge For Malware Attacks - 30 November 2007

FBI's "Operation Bot Roast" Nets Eight Arrests - 05 December 2007

Malware Sites Exploit Former Pakistani Prime Minister ... - 29 December 2007

Browser attacks up, spam down - 12 February 2008

Vote for "Man In The Browser" Attacks Increasing:

Currently 6.50/10
1
2
3
4
5
6
7
8
9
10

Rating: 6.5 out of 2 vote(s) cast.

Add your response to "Man In The Browser" Attacks Increasing: Response from: Richard I'm surprised that banks don't offer their own applications to use for online banking - for instance, a virtual machine that saves it's state running something like damn small linux + a web browser. This could be packaged with qemu. You'd boot the virtual machine, use your banking, then when you closed it off, the virtual machine wouldn't save changes, so it would always be the same. This could be distributed on read only flash memory, or even plain old CDs to avoid modifying the image. Good idea? Tutorial on how to do this on my blog. http://richbradshaw.wordpress.com/2007/11/27/solutions-to-%e2%80%98man -in-the-browser%e2%80%99-online-banking-security-threat/
Name: *	Email: (will never be shown)*	URL:

(* marked fields are required)
Notify me if more comments appear?	Subscribe to I got Spam?! newsletter? (Newsletters are sent out weekly).	Remember me
Security Code: * (Please help us to sort out spam.)

Please enter your comment here: (Sorry, no HTML is allowed - URLs will be made clickable automatically if you add http:// to your URL.)


We welcome your comments, however all comments are moderated. Offensive or off-topic comments will be deleted and not displayed.

CW Toolbar
RSS	\| See all blog subscribe options
Google	\| What is RSS?
Yahoo!
Addthis
Bloglines
Newsletter

Advertisement - Book yours here.

You can contact Sue here!

Contributors (Last 90 days)
Prakash Kannoth (14)
Sue Walsh (54)
Dameon Welch-Abernathy (4)
This site has 371 entries and is powered by Creative Weblogging since January 2006.
Do you want to start or edit an existing blog for us and get paid? More info.
Do you want to advertise on this blog? We have great ideas!
Do you have tips for us? Send them!

Discover I got Spam?! on your cell phone! Simply type the URL of your favorite blog in your mobile browser.

Advertise with us
Learn more about our advertising options, visit our shop or give Sonja a call at +1 (650) 331 8047.
NEW you can also chat with us.

Would you like to have a new interactive marketing channel for your company? Learn more about Sponsored Blogs with Creative Weblogging. See how we helped companies like Weblin and cellity reach their goals.
Would you like to reach millions of blog readers every day? See you banner on hundreds of blogs with TierOneAds? Stay in control measuring conversion in real time. Register now.
Would you like to make more money blogging? Use TierOneAds a new platform that allows you as a blogger to set your prices per impression. Register now.
Do you have a blog with more than 50k page views from the US? Let us market your blog and earn great fix payments and bonuses.

Would you like to see your text link here? Let us know!

Advertisement
Book yours here.

Other blogs in the same channel in the Creative Weblogging Network

Disclaimer
Some of the contents of this site are protected Creative Weblogging Ltd. 2004-2008.

Blog this at your site "Man In The Browser" Attacks Increasing:

Login*	Password*


Your blog system

Save your login data? (* Your login data are stored securely and encrypted)
Please enter a comment that will appear right after the post on your site:

Tell a friend about "Man In The Browser" Attacks Increasing
Recipient email:*	Your email:*

(* Both email addresses are required for sending this article. They will never be shown or used for any marketing purposes)
Please enter a message which will be shown together with the article:

Security Code: (Please help us to sort out spam.)

"Man In The Browser" Attacks Increasing

Filed in archive Security measures by Sue Walsh on November 26, 2007

Related Entries:

Vote for "Man In The Browser" Attacks Increasing:

Add your response to "Man In The Browser" Attacks Increasing:

Blog this at your site "Man In The Browser" Attacks Increasing:

Tell a friend about "Man In The Browser" Attacks Increasing

Check out our Sponsored Blogs!

Our Editors recommend

Contributors (Last 90 days)

Categories

Archives

Advertise with us

Most popular

Recent Comments

Other blogs in the same channel in the Creative Weblogging Network

Ecommerce & Internet

Disclaimer

Find more recent entries from our other publications:

Web 2.0

The Social Networking Weblog

The Search Engine Weblog

The Dating Weblog

Are you a beauty?

Straightfromthedoc