Online banking

Fake Chat Screen Malware Hijacks Banking Customers

A new attack against online banking customers uses a malware platform to trick its victims into verifying bogus transactions.The attack, first described by Trusteer CTO Amit Klein, waits for an unsuspecting business banking customer to log online before telling them that “security checks” need to be performed.

The U.S. Chamber of Commerce held a press conference this morning to unveil details surrounding a National Strategy for Trusted Identities in Cyberspace, or NSTIC as they are calling it.

While the press conference was somewhat vague in terms of specifics, the initiative appears to be designed to build a voluntary transactional ecosystem of trust between businesses and individuals online, or, more generally between anyone or thing attempting to transmit money, goods, or ideas online.

A new Trojan leads online banking customer into thinking they have logged out of their sessions when in fact they remain logged in. Discovered by Trusteer researchers, this completely new piece of malware represents the evolution of online attacks in the ways in which it integrates new and old hacking methodologies to subvert the should-be stalwart commercial security applications employed by financial institutions.

Citigroup has urged customers conducting mobile banking from their
iPhones to immediately upgrade because a security flaw in the older app
secreted account information on the smartphone. Read the full article.  [Computerworld]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.