SpyEye Trumps Mobile Banking SMS Security Systems

Thursday, October 06, 2011



Researchers from security solutions provider Trusteer have identified an advanced attack method utilizing the SpyEye Trojan which undermines mobile banking SM-based authentication systems.

SpyEye is a particularly nasty piece of malicious software which can harvest credentials for online accounts.

The new attack is designed to harvest SMS text messages that contain a one-time use code sent to customers by institutions as an added security measure for clients engaged in mobile banking transactions, making SpyEye an even more powerful tool for stealing financial login credentials.

"This latest SpyEye configuration demonstrates that out-of-band authentication systems, including SMS-based solutions, are not fool-proof," the researchers said.

According to an article in CSO, the attackers first harvest the login credentials of the intended victim. The attackers then engage in social engineering to gain access to the mobile phone's confirmation code issued by the bank by injecting a fake webpage into the victim's browser that looks like a security notification from the bank.

"Using a combination of MITB (man in the browser injection) technology and social engineering, fraudsters... buy themselves more time since the transactions have been verified and fly under the radar of fraud detection systems," the researchers explained.

The attackers then access the victim's account controls and change the associated phone number, giving them the ability to pilfer funds without the target being notified of the transactions.

If a target's mobile device has been infected with the SpyEye Trojan, it is extremely difficult to detect and defend against the attack.

"The only way to defeat this new attack once a computer has been infected with SpyEye is using endpoint security that blocks MITB techniques. Without a layered approach to security, even the most sophisticated OOBA schemes can be made irrelevant under the right circumstances," the research team noted.

Source:  http://www.csoonline.com/article/691195/spyeye-trojan-targets-online-banking-security-systems

Possibly Related Articles:
Viruses & Malware
Trojans malware Headlines Man-In-The-Middle hackers SpyEye SMS Mobile Security Mobile Banking
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.