W32 Silon Trojan bypasses security tokens and banking card readers to commit online financial fraud W32 Silon Trojan bypasses security tokens and banking card readers to commit online financial fraud - RSS feed from Security Park
(13/11/2009)

The new Trojan called W32.Silon bypasses security tokens, banking card readers and uses a two pronged payload to steal login information and commit online financial fraud. W32.Silon is new malware variant that intercepts Internet Explorer web browser sessions, and has been associated with fraud incidents at several large banks.

The Trusteer Rapport browser security service has blocked repeated attempts in-the-wild by the W32.Silon Trojan to compromise consumer internet banking accounts. Findings gathered from a sample of the new malware are available in a report that explains its functionality, as well as how to detect and remove W32.Silon.

Trusteer retrieved and analyzed a sample of this two headed Trojan which is designed to steal generic login information and commit bank-specific fraud. To steal user credentials, W32.Silon performs its initial attack when a user initiates a web login session and enters their username and password. The malware intercepts the login POST request, encrypts the requested data, and sends it to a command & control (C&C) server.

When it targets users of online banking applications that are protected by transaction authentication devices such as tokens or banking card readers, W32.Silon waits until the user has logged on and then injects dynamic html code into the login flow between the user and the bank's web server. First, the malware presents authentic looking web pages that appear to be from the bank asking the user to employ their transaction authentication device. Next, the user is asked to enter information from the device into the webpage. This information is then used by the criminals to execute fraudulent transactions on behalf of the user.

"This new Trojan illustrates how advanced malware writers have become in their ability to dynamically execute multiple, bank-specific attacks with a single piece of software," said Amit Klein, CTO and chief researcher at Trusteer. "The level of sophistication built-into W32.Silon is concerning, as is its focus on circumventing strong authentication systems like card and PIN readers. We have put all of our banking customers on alert, and are attempting to get the word out with this advisory."

Related topics:  Authentication and identity management   Hacking and intrusion prevention   Internet and Web security   Virus, Worm, Email security, spyware and malware 


print versionPrint version | email this to a friendEmail to a friend | related articlesRelated articles


Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.


Other Security news and resources


Security News Suppliers Directory Jobs forum Classifieds Knowledge base White papers Research library Security books Special reports Security interviews Security companies Security events Security links Security market

Product channels

Access Control Biometrics CCTV Intruder Alarms IT Security Manned Guarding Perimeter Protection Physical Security Remote Monitoring Security Services Fire, Health & Safety Other Security Products

IT Security white papers and research library

Access Control  Authentication  Data Management  Data Security  Digital Signatures  Email Security  Identity Management  Internet Security  Intrusion Prevention  Network Security  Remote access security  Security Management  Security Policies  Security Software  Security Threats  Virus Detection Software  Virus Protection  VPN  Vulnerability Assessment  Wireless Security 

Security books, guides, standards and toolkits

RFID and Smart Cards books, guides and reference documents  Biometric books, guides and reference documents  CCTV books, guides and reference documents  Intruder alarms and intrusion detection systems books, guides and reference documents  Monitoring and surveillance books, guides and reference documents  IT Governance, ISO 27001 ISO 17799 and BS 7799 toolkits  Fire, Health & Safety books, guides and reference documents

Security Resources
Directory GET LISTED! Jobs forum Classifieds Knowledge base White papers Research library Security books Special reports Security companies Security events Security links Security market Company news

Security Products
Access Control Biometrics CCTV Intruder Alarms IT Security Manned Guarding Perimeter Protection Physical Security Remote Monitoring Security Services Fire, Health & Safety Security products

Security Markets
Bank and financial services security Corporate and enterprise security Education and school security Entertainment and events security Homeland and Government security Hospital and healthcare security Infrastructure and utilities security Manufacturing and industrial security Public sector security Residential and home security Retail security Small business security Sports and recreational security Transport and logistics security


Ensure that you conduct an effective information security risk assessment that is in line with ISO 27001 by purchasing vsRisk™ Risk Assessment Tool

Need a
Security reference book?
Find it on Amazon
Security books







advertise
sumbit an article
copyright
terms & conditions
privacy policy


CMS and Web design by www.Areza.com

Article search

Directory search


add your company
Google

ISO 18028 (Network Security Management)
Home | About | Contact | Submit article | Advertise | Newsletter | RSS | Search