Filed in archive Security measures by Sue Walsh on November 26, 2007

A new generation of malicious code is being used in increasingly frequent attacks on banking sites. The technique is called "Man in the Browser" and involves Pharming, which is the practice of redirecting users to a fake website that looks like the legit site of a bank. The cybercrimal is able to infect redirected user's PC's with a code that is only triggered when the user visits the actual banking site. The user's login information is captured and sent to an FTP site for storage and eventual sale.

"With the enhancements that banks have deployed in terms of authentication security on their online banking sites, phishing attacks are becoming less and less effective and attacks of the 'Man in the Browser' are set to increase," says F-Secure's Chief Research Officer Mikko Hypponen.

The most effective tool to prevent such attacks appears to be security products that use behavioral analysis because the malicious codes are tailored for specific banks rather than being mass distributed. This new technique will prove challenging to security software publishers attempting to index threats.

Related Entries:

Drive-By Pharming: Symantec Says to Change Your Passwords - 17 February 2007
Spyware-Ranking: 67 Prozent Adware - 20 February 2007
Phishing for Fun and Destruction - 16 August 2007
New Editor Here! - 01 October 2007
Search Engines Unwary Bridge For Malware Attacks - 30 November 2007
FBI's "Operation Bot Roast" Nets Eight Arrests - 05 December 2007
Malware Sites Exploit Former Pakistani Prime Minister Bhutt... - 29 December 2007
Browser attacks up, spam down - 12 February 2008
Malware Authors Fighting For Their Rights - 03 May 2008

« Comdom Software Announces... | Main | Virtualization Comes to M... »

Permalink: "Man In The Browser" Attacks Increasing

Tags: malware phishing security pharming online banking cybercriminals spyware viruses spam browser+attack

Trackback: http://publish.creative-weblogging.com/publish/mt-tb.pl/103961

Addthis

Ask

Blinklist

del.icio.us

Digg

Fark

Facebook

Google

Lycos

Ma.gnolia

Mr Wong

Netscape

Netvousz

Newsvine

StumbleUpon

Slashdot

Tailrank

Technorati

Wink

Yahoo

Vote for "Man In The Browser" Attacks Increasing:

Currently 6.50/10
1
2
3
4
5
6
7
8
9
10

Rating: 6.50 out of 2 vote(s) cast.

Response from: Richard (11/27/07 6:13am)

I'm surprised that banks don't offer their own applications to use for online banking - for instance, a virtual machine that saves it's state running something like damn small linux + a web browser. This could be packaged with qemu.

You'd boot the virtual machine, use your banking, then when you closed it off, the virtual machine wouldn't save changes, so it would always be the same.

This could be distributed on read only flash memory, or even plain old CDs to avoid modifying the image.

Good idea?

Tutorial on how to do this on my blog.

http://richbradshaw.wordpress.com/2007/11/27/solutions-to-%e2%80%98man
-in-the-browser%e2%80%99-online-banking-security-threat/