Members
  • Total Members: 14176
  • Latest: toxxxa
Stats
  • Total Posts: 42872
  • Total Topics: 16081
  • Online Today: 4069
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)









Author Topic: Tatanga Trojan attacks on German & USA banks  (Read 2031 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7528
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
Tatanga Trojan attacks on German & USA banks
« on: 26. May 2012., 07:48:16 »


The security vendor Trusteer is warning banks to look out for a sophisticated Trojan capable of emptying the account of an online customer.

The criminal scheme perpetrated through the Tatanga Trojan has already attacked the sites of several German banks, and Trusteer expects it to be reconfigured in time for banks in other countries, including the U.S. "Many [U.S. banks] are using the exact same framework as German banks, so they should care," Oren Kedem, director of product marketing for Trusteer, said Monday.

The cyber-criminals are taking advantage of the text messaging German banks use to authenticate an online transaction. When a person transfers funds, the bank first sends a transaction authorization number (TAN) to the customer's mobile phone. That number has to be typed into a web form before the transfer is completed. U.S. banks use similar authentication for some transactions.

When a victim logs into his banks' site, the malware displays a screen saying the bank is performing a security check and asks that at a TAN be punched into a form on the page. Behind the scene, the Trojan checks the victim's accounts for the one with the most money and then requests a TAN from the bank, so the money can be transferred to the hackers' account.

From the victim's perspective, the bogus page says the amount of money and the receiving account are only test data and nothing will actually happen. However, once the TAN is inputted into the form, the unsuspecting bank immediately completes the transfer to the fraudulent account. To cover its tracks, the malware changes the account balance report in the online banking application to hide the transaction.

The malware creators still have some work to do to improve the effectiveness of the scam. The fraudulent page is littered with grammar and spelling mistakes, which should be a tip off for many victims.

Nevertheless, that's an easy fix and doesn't take away from Trojan's overall uniqueness. The malware's ability to check the balances in multiple bank accounts to choose the one with the most money is a level of sophistication Trusteer had not seen before, Kedem said. "That's another step up for malware honing the attack, such that it's even more optimal."

Trusteer believes the malware spreads mostly through people visiting legitimate Web sites in which the hackers have embedded malicious links or fake advertising that downloads the Trojan, Kedem said. The company does not know who many systems have been infected, but it expects the criminals to expand their operations.

"Nobody is immune from these types of attacks," he said.

(NW)

Samker's Computer Forum - SCforum.info

Tatanga Trojan attacks on German & USA banks
« on: 26. May 2012., 07:48:16 »

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising