Security firm F-Secure has issued a warning to computer users all over the world regarding an increase in attacks that target user data on banking Web sites. These attacks use a new generation of malicious code and a technique known as “Man in the Browser”.
From time immemorial, cyber criminals have been seeking ways to steal the personal and banking details of Web users. As security solutions have become increasingly sophisticated over time, so too have their techniques.
First it started with keylogging software that was capable of retrieving data typed into a computer. Then, more complex mechanisms like phishing and pharming came on the scene.
Now, the latest technique used for such attacks is called “Man in the Browser”. It involves a cyber criminal pretending to be the bank’s site, intercepting data passed on by the user, and then using that data to access the real bank site to gain access to the account.
Once the PC has been infected, the malicious code is only triggered when the Web user visits his online bank site. This type of malware is capable of retrieving the information (login and password) that the Web user enters on the real Web page of the bank site by intercepting the HTML code in his Web browser.
This personal data is then sent directly to an FTP site, where the cyber criminal stores it, before selling it on to the highest bidder on other Web sites used by cyber criminals.
According to F-Secure, security products that use behavioral analysis are the best solution against such attacks, as the malicious code is designed specifically for certain banking sites. Unlike attacks using phishing, these are not distributed in bulk, and this restricted distribution poses a real challenge to security software publishers when it comes to referencing these viruses and using signature recognition.
Mikko Hypponen, the Chief Research Officer at F-Secure, said, “With the enhancements that banks have deployed in terms of authentication security on their online banking sites, phishing attacks are becoming less and less effective, and attacks of the ‘Man in the Browser’ type are set to increase.”