The Trojan horse concealed Greek soldiers who were to overtake the city of Troy once the horse had been brought inside. Instead of being held up at gunpoint, today’s victims of bank details theft are being surreptitiously robbed by a new breed of criminals operating from their basement. As early (in Internet development years) as 2000, an insightful article published by Aerospace and Electronic Systems Magazine warned against the vulnerability of online banking. Since 2006, a new breed of Trojan viruses such as Sinowal, Torpig and Mebroot has been successfully used to steal an estimated half-a-million online banking account details.
It all starts when an unsuspecting web surfer catches one of the viruses while browsing unsecured porn or gambling Web sites. Upon activation, the virus conceals itself on the master hard disk, flying below the radar of 68.6% of antivirus software (24 out of 35). The virus has a register of 2,700 online banking Web sites and is triggered whenever the user accesses one of them. The virus then discreetly alters the HTML login form in the web browser to record all the sensitive data and forward it to a network of compromised computers, cleverly laid out and constantly redesigned to make it hard to locate the command and control point of the botnet chain.
Security group RSA advised the authorities after discovering a database containing the details of 300,000 bank accounts and 250,000 electronic card accounts. This kind of trojan virus has affected hundreds of financial institutions across the world.
Needless to say, the vast majority of trojan viruses are designed to operate on Microsoft Windows and on a Web browser that has write privileges to the master disk (read: Internet Explorer). Some viruses for Apple OS X have appeared too. Using an account with limited privileges can reduce the risk of infection, but online banking methods using one-time login keys are 100% effective. The bank usually provides an input or timing device that uses algorithms to generate a unique key for each new login session. Trojan viruses can record all the other information, but a recorded one-time key is useless afterwards, and the account cannot be accessed without a fresh, valid one. Unless, of course, someone manages to reverse-engineer those key-generating devices…
An EETimes article on security chips quotes an expert explaining how “Most people can’t reverse-engineer a smart card, so the cards are secure enough against most attackers. But both smart cards and memory cards assume that the reader is trusted, and they can be defeated by a malicious reader.”

