New “Trojan Horse” Attacks Security Shield
Banks and other businesses accepting financial transactions over the web have developed a way for the user to simply use the mouse instead of keyboard to enter PINs or credit card information. This avoids the effect of any keystroke loggers that might be installed on the PC without the user’s knowledge.
A Spanish company called Hispasec Systems has now discovered a “Trojan Horse” that infiltrates the targeted computer and captures the screen images of computer users. This software can follow the mouse movements of a displayed keypad making it simple to steal both PINs and credit card numbers.
The clandestine software is downloaded unwittingly by surfers who do not realize they may pay dearly for that free software. They may also be downloaded when users respond to spam links.
Security software makers are not yet able to defend against this new threat. Hispasec tested more than 30 anti-virus programs with only six showing any protection against this threat.
Some banks and financial institutions are using these “virtual keyboards” as a solution to government requirements to secure their online systems. Unfortunately, this is another example of the criminal element working hard to learn how to pick the latest lock. It is a vicious circle, with the good guys only able to keep a step ahead of the bad, at best.
A Spanish company called Hispasec Systems has now discovered a “Trojan Horse” that infiltrates the targeted computer and captures the screen images of computer users. This software can follow the mouse movements of a displayed keypad making it simple to steal both PINs and credit card numbers.
The clandestine software is downloaded unwittingly by surfers who do not realize they may pay dearly for that free software. They may also be downloaded when users respond to spam links.
Security software makers are not yet able to defend against this new threat. Hispasec tested more than 30 anti-virus programs with only six showing any protection against this threat.
Some banks and financial institutions are using these “virtual keyboards” as a solution to government requirements to secure their online systems. Unfortunately, this is another example of the criminal element working hard to learn how to pick the latest lock. It is a vicious circle, with the good guys only able to keep a step ahead of the bad, at best.
posted by skgroner | 8:13 AM
<< Home