Kaspersky Lab says it has developed technology to counteract the tricks of financial cyber-criminals who use Man-in-the-Browser attacks to carry out fraudulent activities.
Man-in-the-Browser attacks usually involve injecting HTML code into a page opened by a client’s browser in order to steal data that the client accesses. The creators of financial malware often modify the HTML code of banks’ websites.
In this mode of attack, when a client tries to open the targeted page, the malicious program detects this activity and modifies various elements of the web page (first of all, the input fields). It then steals the authentication data entered, or changes the account numbers to redirect where money is transferred.
Kaspersky Lab says it has developed a kind of ‘trap’: a banking page that has the hallmarks of different financial institution sites, with the fragments of HTML code specific to the web pages of banks and payment systems. The technology is based on the use of special “scanning” web pages, which carry specific HTML code intended to encourage malware to reveal its functions. The new technology detects the injection of HTML code into a page opened by a client’s browser.
According to the tech security company, once such a web page is opened from an infected device, the malicious program using the Man-in-the-Browser technique will recognise it as the bank’s website and try to make changes that will be immediately detected by the system.
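The check described above can be illustrated with an added example; it is not Kaspersky's implementation, which the article does not detail. It assumes the decoy page reports its rendered DOM back to the server as an HTML string, and the names `WATCHED`, `fingerprint`, `detect_injection` and the sample markup are all constructed for illustration.

```python
import hashlib
from collections import Counter
from html.parser import HTMLParser

# Assumed watch list: the structure a web inject would have to touch.
WATCHED = {"form": ("action", "method"), "input": ("name", "type"),
           "script": ("src",), "iframe": ("src",)}

class Fingerprint(HTMLParser):
    """Collects watched elements and hashes of inline scripts."""
    def __init__(self):
        super().__init__()
        self.items = Counter()
        self._script = None  # buffer while inside an inline <script>

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag in WATCHED:
            self.items[(tag,) + tuple(a.get(k) or "" for k in WATCHED[tag])] += 1
        if tag == "script" and not a.get("src"):
            self._script = []

    def handle_data(self, data):
        if self._script is not None:
            self._script.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._script is not None:
            body = "".join(self._script).strip().encode()
            self.items[("inline-script", hashlib.sha256(body).hexdigest()[:12])] += 1
            self._script = None

def fingerprint(html):
    parser = Fingerprint()
    parser.feed(html)
    parser.close()
    return parser.items

def detect_injection(served_html, reported_dom):
    """Diff the page as served against the DOM the browser reports back."""
    served, seen = fingerprint(served_html), fingerprint(reported_dom)
    return {"added": sorted((seen - served).elements()),
            "removed": sorted((served - seen).elements())}

# Constructed sample data: a decoy login form, and the same page with an
# extra credential field and an inline script added on the client side.
_FORM = ('<form action="/login" method="post"><input name="user" type="text">'
         '<input name="pass" type="password">')
DECOY = _FORM + '</form><script src="/static/app.js"></script>'
TAMPERED = (_FORM + '<input name="pin" type="password"></form>'
            '<script src="/static/app.js"></script><script>/* constructed */</script>')

if __name__ == "__main__":
    print(detect_injection(DECOY, TAMPERED))
```

Any non-empty `added` or `removed` list on a decoy page that no legitimate script modifies is the signal the bank could use to hold the transaction.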
Commenting on the new technology, Denis Gorchakov, Senior Fraud Analyst at Kaspersky Fraud Prevention, says that “if an attempt is made to embed HTML code, it’s highly likely that the user device is infected. Having detected such an attempt, the bank can block the transaction in time to protect its customer’s money from theft. We can also help the users affected by fraud to eliminate the consequences of infection with our specialist Kaspersky Fraud Prevention for Endpoints solution.”
Kaspersky Lab is a global cyber-security company founded in 1997, with over 400 million users of its security technologies across the globe, Nigeria inclusive.