Friday, November 30, 2007

Malware Targets E-Banking Security Technology

Brian Krebs writes on Security Fix:

A new class of malicious software contains a feature specifically designed to thwart online security technology implemented by Bank of America and many other financial institutions that allow their customers to monitor and make changes to their accounts via the Internet.

The feature was found in a recent version of "Pinch," a widely distributed Trojan horse program that gives bad guys the ability to steal usernames and passwords from a victim's computer. Turns out, the newly detected version of Pinch also looks for and steals a special token that gets planted on the machine of anyone who banks online with a financial institution that is using Adaptive Authentication, a Web site security technology owned by RSA Security.

More here.

1 Comments:

At Sat Mar 27, 09:32:00 AM PDT, Anonymous bangin said...

E-banking will be a high risk if the system not secure. Audit trail and protection systems must be reliable. A number of banks in Indonesia was attacked through exploitation of weaknesses in the ATM. But that case was resolved quickly and encourage the Bank of Indonesia to review and implement a better security system.

 

Post a Comment

<< Home