Submission + - The Evolution of Proxy Trojans (securityweek.com)
wiredmikey writes: The Evolution of Proxy Trojans — With large amounts of money being spent online, it comes as no surprise that the online banking and online retailers are attractive targets to hackers. Proxy Trojans are nothing new. They’ve evolved into three categories: Keyloggers, Browser-session recorders and Man in the Browser (MitB).
Most prominent Trojans, such as Zeus, Gozi, URLZone, Sinowal and SpyEye all have MitB capabilities. As one-time passwords and two-factor authentication mechanisms become more common among online banking applications, the credentials obtained by Proxy Trojans will become less effective. Consequently, attackers are starting to improve the autonomous capabilities of MitB code. The recent, and potentially costly, SilentBanker Trojan targeted more than 400 banks and had the ability to intercept banking transactions – even those guarded by two-factor authentication.
While avoiding infection by Proxy Trojans is presumably the responsibility of consumers, MitB attacks are quickly becoming a concern of online service providers. The actual rate of infection and the proliferation of the many types of MitB malware suggests that providers must be able to serve and protect those customers who may be infected with one type of malware or another.
Most prominent Trojans, such as Zeus, Gozi, URLZone, Sinowal and SpyEye all have MitB capabilities. As one-time passwords and two-factor authentication mechanisms become more common among online banking applications, the credentials obtained by Proxy Trojans will become less effective. Consequently, attackers are starting to improve the autonomous capabilities of MitB code. The recent, and potentially costly, SilentBanker Trojan targeted more than 400 banks and had the ability to intercept banking transactions – even those guarded by two-factor authentication.
While avoiding infection by Proxy Trojans is presumably the responsibility of consumers, MitB attacks are quickly becoming a concern of online service providers. The actual rate of infection and the proliferation of the many types of MitB malware suggests that providers must be able to serve and protect those customers who may be infected with one type of malware or another.