Whole Network Announcements Anti-Spam Tools Archival Tools Malware Security measur... Spam Spam News

« Comdom Software Announces... | Main | Virtualization Comes to M... »

"Man In The Browser" Attacks Increasing

Filed in archive Security measures by Sue Walsh on November 26, 2007

A new generation of malicious code is being used in increasingly frequent attacks on banking sites. The technique is called "Man in the Browser" and involves Pharming, which is the practice of redirecting users to a fake website that looks like the legit site of a bank. The cybercrimal is able to infect redirected user's PC's with a code that is only triggered when the user visits the actual banking site. The user's login information is captured and sent to an FTP site for storage and eventual sale.

"With the enhancements that banks have deployed in terms of authentication security on their online banking sites, phishing attacks are becoming less and less effective and attacks of the 'Man in the Browser' are set to increase," says F-Secure's Chief Research Officer Mikko Hypponen.

The most effective tool to prevent such attacks appears to be security products that use behavioral analysis because the malicious codes are tailored for specific banks rather than being mass distributed. This new technique will prove challenging to security software publishers attempting to index threats.

Permalink: "Man In The Browser" Attacks Increasing
Tags: malware phishing security pharming online banking cybercriminals spyware viruses spam browser+attack

Trackback: http://www.creative-weblogging.com/cgi-bin/mt-tb.pl/103961

Bookmark this entry:

Addthis

Ask

Blinklist

del.icio.us

Digg

Fark

Facebook

Google

Lycos

Ma.gnolia

Mr Wong

Netscape

Netvousz

Newsvine

StumbleUpon

Slashdot

Tailrank

Technorati

Wink

Yahoo

Spyware-Ranking: 67 Prozent Adware - 20 February 2007

Phishing for Fun and Destruction - 16 August 2007

New Editor Here! - 01 October 2007

Search Engines Unwary Bridge For Malware Attacks - 30 November 2007

FBI's "Operation Bot Roast" Nets Eight Arrests - 05 December 2007

Malware Sites Exploit Former Pakistani Prime Minister Bhutt... - 29 December 2007

Browser attacks up, spam down - 12 February 2008

Malware Authors Fighting For Their Rights - 03 May 2008

Vote for "Man In The Browser" Attacks Increasing:

Currently 6.50/10
1
2
3
4
5
6
7
8
9
10

Rating: 6.50 out of 2 vote(s) cast.

Add your response to "Man In The Browser" Attacks Increasing: Response from: Richard (11/27/07 3:13am) I'm surprised that banks don't offer their own applications to use for online banking - for instance, a virtual machine that saves it's state running something like damn small linux + a web browser. This could be packaged with qemu. You'd boot the virtual machine, use your banking, then when you closed it off, the virtual machine wouldn't save changes, so it would always be the same. This could be distributed on read only flash memory, or even plain old CDs to avoid modifying the image. Good idea? Tutorial on how to do this on my blog. http://richbradshaw.wordpress.com/2007/11/27/solutions-to-%e2%80%98man -in-the-browser%e2%80%99-online-banking-security-threat/
Name: *	Email: (will never be shown)*	URL:

(* marked fields are required)
Notify me if more comments appear?	Subscribe to I got Spam?! newsletter? (Newsletters are sent out weekly).	Remember me
Security Code: * (Please help us to sort out spam.)

Please enter your comment here: (Sorry, no HTML is allowed - URLs will be made clickable automatically if you add http:// to your URL.)


We welcome your comments, however all comments are moderated. Offensive or off-topic comments will be deleted and not displayed.

RSS	\| See all blog subscribe options
Google	\| What is RSS?
Yahoo!
Addthis
Bloglines
Newsletter
Grouptivity

Use the search to look for other interesting posts

You can contact Sue here!

Contributors (Last 90 days)
Greg Cruey (1)
This site has 422 entries and is powered by Creative Weblogging since January 2006.
Do you want to start or edit an existing blog for us and get paid? More info.
Do you want to advertise on this blog? We have great ideas!
Do you have tips for us? Send them!

Advertise with us
Learn more about our advertising options or email advertising - at - creative-weblogging.com or give us a call at +1 (650) 331 4900.

Other blogs in the same channel in the Creative Weblogging Network

Ecommerce & Internet
The Dating Weblog

The Search Engine Weblog

The Social Networking Weblog

Web 2.0

Disclaimer
Some of the contents of this site are protected Creative Weblogging Inc. 2004-2009.

Tell a friend about "Man In The Browser" Attacks Increasing
Recipient email:*	Your email:*

(* Both email addresses are required for sending this article. They will never be shown or used for any marketing purposes)
Please enter a message which will be shown together with the article:

Security Code: (Please help us to sort out spam.)

"Man In The Browser" Attacks Increasing

Filed in archive Security measures by Sue Walsh on November 26, 2007

Bookmark this entry:

Related Entries:

Vote for "Man In The Browser" Attacks Increasing:

Add your response to "Man In The Browser" Attacks Increasing:

Tell a friend about "Man In The Browser" Attacks Increasing

Categories

Archives

Our Editors recommend

Contributors (Last 90 days)

Advertise with us

Most popular

Recent Comments

Other blogs in the same channel in the Creative Weblogging Network

Ecommerce & Internet

Disclaimer

Find other popular posts from our other blogs:

The Search Engine Weblog

The Dating Weblog

Web 2.0

The Social Networking Weblog

P2P File Sharing

Are you a beauty?