A report released by Finjan, reveals how criminals are stealing the banking and other confidential financial data by infecting personal computers, leaving no trace behind, with crimeware like MPack Toolkit. The crimeware breaks into confidential information of customers, which includes user name, Password, and bank account numbers. Criminals infect the computers with crimeware and take out data through a secure communication channel (SSL). At the infected computer user’s end, everything remains normal including online browsing. Even the popular security solutions cannot detect it, according to Finjan.
How It Happens !
Crimeware is so creative that it generates webpage, exactly same in ‘look and feel’, instantly. As soon as a customer opens the website of a bank or any other financial institution, and starts feeding login details ,the crimeware takes over the browser and starts sending information to criminal’s servers. The customer never identifies anything abnormal.
“This attack is more dangerous than Phishing, and it is extremely difficult to detect,” says Yuval Ben-Itzhak, the CTO of Finjan.
The Crimeware operates parallel to the normal browsing in the background. User never realizes anything suspicious. The infection spreads from one user to another. When a user opens the main page of a legitimate website, embedded malicious code is also loaded silently.
A criminal hacker gets an access to extract all confidential information. Crimeware also use ‘Key logger’, to keep a track of ongoing activities on the infected computer .Popular security solutions and anti-virus programs do not protect computers completely from these embedded malicious codes, which creep in through legitimate sites, as this crimeware operates through SSL connections, Security solution are not configured for encrypted SSL connections.
The crime ware with malicious codes keeps changing its hosting locations, making it a difficult task to track. A ‘real-time content inspection technique’ is the only solution. It detects and provides safety from malicious codes and crime ware. “Real-time analysis is required to protect users from malicious code the first time it strikes,” observes Ben-Itzak of Finjan.
Safety Measures
Finjan, provides real -time global web gateway security solutions, to repel threats from hackers, including spyware, phishing, and malicious codes. Finjan’s research wing MCRC (Malicious Code Research Center), suggests measures and precautionary steps for customers and financial institutions. It advises that the services providers should never ask customer’s confidential information and codes online. Customers must contact through other means, incase it is demanded on a website, as why it is necessary. Customer must add a real-time inspection and protective web security solution to their computers. An updated security solution protects a user from financial frauds.
An Inch High Touchline 