Friday, October 30, 2009

Will New Banking Trojan Make Tokens Obsolete?



I did a brief post on this yesterday. Here's a follow-up. On September 30th, analysts were arguing over which online banking Trojan (Clampi or Zeus) was MORE dangerous. Clampi was called the "Big One," and several analysts agreed that the only way to defend against Clampi was to use one machine for online banking and a separate one for web browsing and checking email. Zeus was famous for being invisible to up-to-date anti-virus programs. Then, on October 2nd, an even more dangerous online banking Trojan was discovered. This one was called urlZone, and it was the anti-christ of all online banking Trojans. It not only stole your online banking credentials, it also changed your online statements to show that no money was taken. Talk about stealth. Talk about next-gen Trojans...





Yesterday we learned about W32.Silon.  This one evades security tokens. 





Speaking of evading security tokens, did anyone tell HSBC about this newest online banking Trojan? Because HSBC announced today that they were going to deploy band-aids...er...one-time tokens globally. Oops!







I have a better idea for HSBC. How about a HomeATM card reader with a built-in PIN pad? It comes in two flavors: a magnetic stripe card reader or a smart card reader. Both have a PCI 2.x Certified PIN Entry Device built in. The smart card reading HomeATM PIN Entry Device is pictured below. Note the smart card chip reading slot on the front bottom.

I respectfully implore the online banking industry to stop screwing around with band-aids. The online banking system is crumbling all around you and you keep putting your finger in the dyke. Time to bite the bullet...and utilize a bulletproof system.

One that has been trusted for decades to dispense cash in real time. Swipe your card (or insert your card in the case of EMV) and enter your PIN. Voilà!

No username, no passwords, no phishing, no keystroke logging, no fear............no brainer!

Here's an excerpt from an article at IT Management on the second next-generation online banking Trojan to rear its ugly (two) heads...




A new Trojan called "W32.Silon" is the latest headache for online banks and their customers, packing a one-two punch that helps it evade security tokens and steal customer log-in information at the same time.



The two-headed Trojan, according to online security software vendor Trusteer, uses a "two-pronged payload" to steal log-in information and commit financial fraud at popular online banks.



"This new Trojan illustrates how advanced malware writers have become in their ability to dynamically execute multiple, bank-specific attacks with a single piece of software," Amit Klein, CTO and chief researcher at Trusteer, said in a statement. "The level of sophistication built into W32.Silon is concerning...







W32.Silon is a new malware variant that intercepts Internet Explorer Web browser sessions and has been associated with fraud incidents at several large banks, according to Trusteer researchers.



To steal user credentials, W32.Silon performs its initial attack when a user begins a Web log-in session and enters his username and password. The malware intercepts the log-in POST request, encrypts the requested data and sends it to a command-and-control (C&C) server...


Continue Reading about W32.Silon




