New threat to Internet banking security exposed
New threat to Internet banking security exposed
Security experts have uncovered a worrying new method used by hackers to intercept passwords of Internet banking customers – a program that appears disguised as a pop-up ad before installing itself on the user's computer and logging keystrokes.
The technique was discovered by SANS' Internet Storm Center, the "Internet early warning system" arm of the information security training and certification provider, comprised of public and private sector security experts and university researchers.
The program, which threatens Microsoft Windows 2003, XP, 2000, NT, ME, 98 and 95 operating systems has a target list of around 50 banks and financial institutions, including the leading Australian banks. It can tell when the user's browser is going to the bank's website. Once the user is on their banking site, the trojan looks for login passwords and steals the information.
SANS analyst Tom Liston expressed deep concerns about this latest threat to Internet banking security.
"I believe that this particular type of malware (malicious code) represents a huge threat to the online financial industry. As the proliferation of ad/spyware shows, installing executable software on user's machines is far too easy. The approach of using a BHO (Browser Helper Object) makes this method of stealing identity information all the more insidious."
Related Article: