17 August 2017
Find out more

Security experts warn of Trojan.Silentbanker

15 January 2008  |  10953 views  |  0 biometric  eye

Experts at security firm Symantec are warning of a new trojan program that circumvents two-factor authentication systems and intercepts account information before it is encrypted.

In a company blog Symantec researcher Liam O'Murchu warns that Trojan.Silentbanker targets over 400 banks across the world and is able to perform man-in-the-middle attacks on valid transactions.

The Trojan can also intercept transactions that require two factor authentication. It can then change the user-entered bank account details to the attacker's account details instead.

"The Trojan ensures that the user does not notice this change by presenting the user with the details they expect to see, while all the time sending the bank the attacker's details instead," says O'Murchu in his blog. "Since the user doesn't notice anything wrong with the transaction, they will enter the second authentication password, in effect handing over their money to the attackers."

The program intercepts all of this traffic before it is encrypted, says Symantec, so even if the transaction takes place over SSL the attack is still valid.

Furthermore, when instructed, the Trojan can redirect users to an attacker-controlled server instead of the real bank in order to perform a man-in-the-middle attack. O'Murchu says currently there is one bank targeted this way, which isn't named.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Macs target for phishing trojan

Macs target for phishing trojan

02 November 2007  |  6495 views  |  0 comments
German cops arrest phishing gang

German cops arrest phishing gang

14 September 2007  |  10226 views  |  0 comments
Banker Trojans on the rise; pump-and-dump schemes hit Europe

Banker Trojans on the rise; pump-and-dump schemes hit Europe

30 March 2007  |  6835 views  |  0 comments
Hackers steal Skr8m from Nordea accounts in trojan attack

Hackers steal Skr8m from Nordea accounts in trojan attack

19 January 2007  |  9030 views  |  0 comments
French banks lose EUR1 million to Trojan virus

French banks lose EUR1 million to Trojan virus

08 February 2006  |  7143 views  |  0 comments
Panda warns of Bancos.GW Trojan

Panda warns of Bancos.GW Trojan

01 July 2005  |  6133 views  |  0 comments

Related company news

 
visit www.dorsum.eudownload the paper nowvisit www.worldpaymentsreport.com

Top topics

Most viewed Most shared
Coinbase raises $100mCoinbase raises $100m
10429 views comments | 14 tweets | 14 linkedin
DBS Bank launches online car selling marketplaceDBS Bank launches online car selling marke...
9827 views comments | 13 tweets | 11 linkedin
China preps central clearing house for mobile payments providersChina preps central clearing house for mob...
9743 views comments | 8 tweets | 15 linkedin
Monzo appoints Curve co-founder Foster-Carter COOMonzo appoints Curve co-founder Foster-Car...
8138 views comments | 1 tweets | 3 linkedin
hands typing furiouslyCompliance: Overcome the data deficit
7615 views 0 | 1 tweets | 8 linkedin

Featured job

Competitive
New York, NY - USA (some flexibility on location)

Find your next job