24 January 2018
visit www.ebaday.com

Security experts warn of Trojan.Silentbanker

15 January 2008  |  11073 views  |  0 biometric  eye

Experts at security firm Symantec are warning of a new trojan program that circumvents two-factor authentication systems and intercepts account information before it is encrypted.

In a company blog Symantec researcher Liam O'Murchu warns that Trojan.Silentbanker targets over 400 banks across the world and is able to perform man-in-the-middle attacks on valid transactions.

The Trojan can also intercept transactions that require two factor authentication. It can then change the user-entered bank account details to the attacker's account details instead.

"The Trojan ensures that the user does not notice this change by presenting the user with the details they expect to see, while all the time sending the bank the attacker's details instead," says O'Murchu in his blog. "Since the user doesn't notice anything wrong with the transaction, they will enter the second authentication password, in effect handing over their money to the attackers."

The program intercepts all of this traffic before it is encrypted, says Symantec, so even if the transaction takes place over SSL the attack is still valid.

Furthermore, when instructed, the Trojan can redirect users to an attacker-controlled server instead of the real bank in order to perform a man-in-the-middle attack. O'Murchu says currently there is one bank targeted this way, which isn't named.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Macs target for phishing trojan

Macs target for phishing trojan

02 November 2007  |  6588 views  |  0 comments
German cops arrest phishing gang

German cops arrest phishing gang

14 September 2007  |  11135 views  |  0 comments
Banker Trojans on the rise; pump-and-dump schemes hit Europe

Banker Trojans on the rise; pump-and-dump schemes hit Europe

30 March 2007  |  6943 views  |  0 comments
Hackers steal Skr8m from Nordea accounts in trojan attack

Hackers steal Skr8m from Nordea accounts in trojan attack

19 January 2007  |  9126 views  |  0 comments
French banks lose EUR1 million to Trojan virus

French banks lose EUR1 million to Trojan virus

08 February 2006  |  7325 views  |  0 comments
Panda warns of Bancos.GW Trojan

Panda warns of Bancos.GW Trojan

01 July 2005  |  6222 views  |  0 comments

Related company news

 
visit www.vasco.comvisit www.niceactimize.comvisit www.thomsonreuters.info

Top topics

Most viewed Most shared
Banks shift priorities toward growth, digitisation and innovation - surveyBanks shift priorities toward growth, digi...
9777 views comments | 38 tweets | 48 linkedin
Standard Chartered establishes fintech innovation and investment unitStandard Chartered establishes fintech inn...
9483 views comments | 14 tweets | 14 linkedin
Sbanken opens developer portal and invites customers to build their own digital bankSbanken opens developer portal and invites...
8516 views comments | 17 tweets | 11 linkedin
Metro Bank joins digital revolution with instant online account openingMetro Bank joins digital revolution with i...
7033 views comments | 13 tweets | 25 linkedin
Could distributed ledgers restore the reputation of the MBS market?Could distributed ledgers restore the repu...
7017 views comments | 6 tweets | 9 linkedin

Featured job

Find your next job