{"id":6404,"date":"2017-05-09T16:39:08","date_gmt":"2017-05-09T08:39:08","guid":{"rendered":"http:\/\/staging.bankvaultonline.com\/?p=6404"},"modified":"2017-05-09T16:39:08","modified_gmt":"2017-05-09T08:39:08","slug":"banking-trojans-caught-wild-threat-secure-online-banking","status":"publish","type":"post","link":"https:\/\/www.bankvault.com\/banking-trojans-caught-wild-threat-secure-online-banking\/","title":{"rendered":"Banking trojans caught in the wild&#8230;a threat to secure online banking"},"content":{"rendered":"<p style=\"text-align: center;\"><strong>Why you need a secure browser.\u00a0<\/strong><\/p>\n<p>Whilst this recent tale of a misunderstood cybercriminal in the underworld makes for entertaining reading, it is important news to every business and their bank accounts.<\/p>\n<p>In March 2017, after stumbling badly through the various tests put in front of new forum sellers to validate their intentions, one particular malware author calling himself Goysa\u00a0responded quite unusually, appearing to panic and dump all of his code online\u2014essentially giving his malware away for free.<\/p>\n<p>The malware it turns out, is quite legitimate, and researchers believe we will soon see it used in attacks against banking customers.<\/p>\n<p>Back in December 2016, Goysa\u00a0joined the trading forums spruiking it as new malware called NukeBot\u2014\u201ca Zeus-like banking trojan\u201d. Zeus is one of the most notorious pieces of malware developed in recent years, wreaking havoc through the mid-2000s and stealing vast sums of <a href=\"https:\/\/www.wired.com\/2017\/03\/russian-hacker-spy-botnet\/\">money for its mysterious owner<\/a>.<\/p>\n<p>The <a href=\"https:\/\/securityintelligence.com\/the-nukebot-trojan-a-bruised-ego-and-a-surprising-source-code-leak\/\">unconventional story of NukeBot\u2019s discovery<\/a>, and the analogies it has to Zeus turned heads in the cyber security and researcher community.<\/p>\n<p>NukeBot appears to have a range of impressive capabilities, which, like Zeus, enable it to be used in lots of different ways to carry out attacks. With the source code now dumped, other hackers can easily borrow it to repackage and re-distribute NukeBot as their own new malware.<\/p>\n<p>Antivirus software can often take a while to detect new malware, and most <a href=\"https:\/\/exchange.xforce.ibmcloud.com\/collection\/Nuclear-Bot-NukeBot-aka-Micro-Banking-Trojan-8b18e7c897b6be1575ddebec42f1d456\">do not currently detect NukeBot<\/a> (or the aliases of other related malware) at all.<\/p>\n<p>One of the interesting features identified in Nukebot is its support for what is called a \u201cMan-in-the-Browser attack. This kind of malware feature was prominent during the mid-2000s (around the time of Zeus) and its probable resurgence through examples such as NukeBot should be cause for worry.<\/p>\n<p>In particular, for online banking users, it is a highly effective attack which can quickly achieve direct access to your money. It\u2019s difficult to detect and difficult to prevent. It\u2019s also particularly good for getting around the modern encryption and two-factor authentication methods used to secure banking websites.<\/p>\n<p>A clean, secure browser will avoid such attacks, but it\u2019s nearly impossible to be sure if you really have a clean browser, and it\u2019s much too late when you find your money gone. To our knowledge <a href=\"https:\/\/www.bankvaultonline.com\/how-bankvault-works\/\">BankVault is the best solution in the marketplace today, for ensuring a new, pristine and safe browser<\/a> every time you need one.<\/p>\n<p><strong>About Man in the Browser attacks<\/strong><\/p>\n<p>The name, \u201cMan-in-the-Browser\u201d\u2019 describes an attack approach which is built around intercepting or interfering with your data as it\u2019s travelling between your computer and the bank.<\/p>\n<p>There\u2019s a variety of \u201cMan-in the\u2026.\u201d kind of attacks\u2014depending on where in the process <em>The Man<\/em> is trying to access your data. The most common form, Man-in-the-Middle, involves an attacker literally playing the role of a data middle-man when a victim logs onto a secure website like online banking. In the most well-known example of this, the attacker will access data travelling across free public Wi-Fi, and the victim essentially exposes all their password and logon information as it passes by.<\/p>\n<p>Although effective and relatively easy to carry out, an attacker using the Man-in-the-Middle method needs to be physically nearby to tap into your WI-FI connection. This limits the feasibility of carrying out such an attack on lots of people.<\/p>\n<p>The Man-in-the-Browser (MitB) method, on the other hand, uses malware to infect your internet browser. This is an important difference for a number of reasons. Firstly, it means it can readily scale to target thousands of people, without the attacker needing to leave home.<\/p>\n<p>Secondly, because the malware targets your internet browser, it gains access to your data <em>before<\/em> it is encrypted for transmission to the bank\u2014negating the central security mechanism used by the majority of websites on the internet.<\/p>\n<p>Finally, it can also be cleverly used to circumvent many of the other common security techniques used by websites\u2014including two factor authentication, and it doesn\u2019t give away any of the common security <em>tells <\/em>which will attract suspicion from you, your antivirus software, or the bank<em>\u2014<\/em>for example if you were redirected to a fake website.<\/p>\n<p>From the attacker\u2019s point of view, MitB methods provide good options for stealing information and money, and depending on how they set it up, can allow them to interfere with the way your browser displays your online banking session in real time\u2014such as adding extra fields for you to enter passwords, or at the banks end by adding charges to your transaction or diverting your funds without anything seeming amiss to you or the bank.<\/p>\n<p>It\u2019s simply not possible for a bank to secure against this kind of attack because it\u2019s out of their reach. As a businessperson, you need to take control of your end of the process. Ask the people who work to protect you about the difficulties protecting transactions, they\u2019ll all focus on the end user and their computer\u2014not the bank.<\/p>\n<p>BankVault gives you that confidence and control of the parts of the process banks can\u2019t secure for you.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Why you need a secure browser.\u00a0 Whilst this recent tale of a misunderstood cybercriminal in the underworld makes for entertaining reading, it is important news to every business and their bank accounts. In March 2017, after stumbling badly through the various tests put in front of new forum sellers to validate their intentions, one particular [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":6415,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[37,15],"tags":[],"class_list":["post-6404","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security-news","category-news"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.2 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Banking Trojans Caught In The Wild - BankVault Cyber Security<\/title>\n<meta name=\"description\" content=\"Whilst this recent tale of a misunderstood cybercriminal makes for entertaining reading, it is important news to every business and their bank accounts.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.bankvault.com\/banking-trojans-caught-wild-threat-secure-online-banking\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Banking Trojans Caught In The Wild - BankVault Cyber Security\" \/>\n<meta property=\"og:description\" content=\"Whilst this recent tale of a misunderstood cybercriminal makes for entertaining reading, it is important news to every business and their bank accounts.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.bankvault.com\/banking-trojans-caught-wild-threat-secure-online-banking\/\" \/>\n<meta property=\"og:site_name\" content=\"BankVault\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/BankVaultOnline\/\" \/>\n<meta property=\"article:published_time\" content=\"2017-05-09T08:39:08+00:00\" \/>\n<meta name=\"author\" content=\"BankVault\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@bankvaultonline\" \/>\n<meta name=\"twitter:site\" content=\"@bankvaultonline\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"BankVault\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Banking Trojans Caught In The Wild - BankVault Cyber Security","description":"Whilst this recent tale of a misunderstood cybercriminal makes for entertaining reading, it is important news to every business and their bank accounts.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.bankvault.com\/banking-trojans-caught-wild-threat-secure-online-banking\/","og_locale":"en_US","og_type":"article","og_title":"Banking Trojans Caught In The Wild - BankVault Cyber Security","og_description":"Whilst this recent tale of a misunderstood cybercriminal makes for entertaining reading, it is important news to every business and their bank accounts.","og_url":"https:\/\/www.bankvault.com\/banking-trojans-caught-wild-threat-secure-online-banking\/","og_site_name":"BankVault","article_publisher":"https:\/\/www.facebook.com\/BankVaultOnline\/","article_published_time":"2017-05-09T08:39:08+00:00","author":"BankVault","twitter_card":"summary_large_image","twitter_creator":"@bankvaultonline","twitter_site":"@bankvaultonline","twitter_misc":{"Written by":"BankVault","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.bankvault.com\/banking-trojans-caught-wild-threat-secure-online-banking\/#article","isPartOf":{"@id":"https:\/\/www.bankvault.com\/banking-trojans-caught-wild-threat-secure-online-banking\/"},"author":{"name":"BankVault","@id":"https:\/\/www.bankvault.com\/#\/schema\/person\/76e0aa85d5ac5405b47c0760eb9ab639"},"headline":"Banking trojans caught in the wild&#8230;a threat to secure online banking","datePublished":"2017-05-09T08:39:08+00:00","dateModified":"2017-05-09T08:39:08+00:00","mainEntityOfPage":{"@id":"https:\/\/www.bankvault.com\/banking-trojans-caught-wild-threat-secure-online-banking\/"},"wordCount":870,"publisher":{"@id":"https:\/\/www.bankvault.com\/#organization"},"image":{"@id":"https:\/\/www.bankvault.com\/banking-trojans-caught-wild-threat-secure-online-banking\/#primaryimage"},"thumbnailUrl":"","articleSection":["IT security news","News"],"inLanguage":"en-AU"},{"@type":"WebPage","@id":"https:\/\/www.bankvault.com\/banking-trojans-caught-wild-threat-secure-online-banking\/","url":"https:\/\/www.bankvault.com\/banking-trojans-caught-wild-threat-secure-online-banking\/","name":"Banking Trojans Caught In The Wild - BankVault Cyber Security","isPartOf":{"@id":"https:\/\/www.bankvault.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.bankvault.com\/banking-trojans-caught-wild-threat-secure-online-banking\/#primaryimage"},"image":{"@id":"https:\/\/www.bankvault.com\/banking-trojans-caught-wild-threat-secure-online-banking\/#primaryimage"},"thumbnailUrl":"","datePublished":"2017-05-09T08:39:08+00:00","dateModified":"2017-05-09T08:39:08+00:00","description":"Whilst this recent tale of a misunderstood cybercriminal makes for entertaining reading, it is important news to every business and their bank accounts.","breadcrumb":{"@id":"https:\/\/www.bankvault.com\/banking-trojans-caught-wild-threat-secure-online-banking\/#breadcrumb"},"inLanguage":"en-AU","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.bankvault.com\/banking-trojans-caught-wild-threat-secure-online-banking\/"]}]},{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.bankvault.com\/banking-trojans-caught-wild-threat-secure-online-banking\/#primaryimage","url":"","contentUrl":""},{"@type":"BreadcrumbList","@id":"https:\/\/www.bankvault.com\/banking-trojans-caught-wild-threat-secure-online-banking\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.bankvault.com\/"},{"@type":"ListItem","position":2,"name":"Banking trojans caught in the wild&#8230;a threat to secure online banking"}]},{"@type":"WebSite","@id":"https:\/\/www.bankvault.com\/#website","url":"https:\/\/www.bankvault.com\/","name":"BankVault","description":"cybersecurity","publisher":{"@id":"https:\/\/www.bankvault.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.bankvault.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-AU"},{"@type":"Organization","@id":"https:\/\/www.bankvault.com\/#organization","name":"BankVault","url":"https:\/\/www.bankvault.com\/","logo":{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.bankvault.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.bankvault.com\/wp-content\/uploads\/2018\/11\/BankVault-Logo-Light.png","contentUrl":"https:\/\/www.bankvault.com\/wp-content\/uploads\/2018\/11\/BankVault-Logo-Light.png","width":1212,"height":275,"caption":"BankVault"},"image":{"@id":"https:\/\/www.bankvault.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/BankVaultOnline\/","https:\/\/x.com\/bankvaultonline"]},{"@type":"Person","@id":"https:\/\/www.bankvault.com\/#\/schema\/person\/76e0aa85d5ac5405b47c0760eb9ab639","name":"BankVault","image":{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.bankvault.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/?s=96&d=mm&r=g","caption":"BankVault"},"url":"https:\/\/www.bankvault.com\/author\/bankvault\/"}]}},"_links":{"self":[{"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/posts\/6404","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/comments?post=6404"}],"version-history":[{"count":0,"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/posts\/6404\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.bankvault.com\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/media?parent=6404"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/categories?post=6404"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/tags?post=6404"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}