Posted By: ITWiser Webmaster - Yorkshire's IT Specialists
Cybercriminals Develop Tool to Bypass Anti-Trojan Technology
Another week, and another instance of cybercriminals finding a way to prosper online – do these guys never have a day off!
Just a week after the Home Affairs Select Committee released a report into the seriousness of cybercrime in the UK, The Register has revealed that cybercriminals on an underground forum have developed a technique that allows them to bypass the anti-Trojan technology used by Trusteer in its Rapport browser-lowdown program. A program that is relied up by banks and financial institutions worldwide – including HSBC, NatWest, and PayPal – to protect their customers.
Trusteer, of course, have moved to downplay the issue, saying that reports of any vulnerability in its Rapport banking service are inaccurate and the company is aware of any problem and appropriate action has already been taken.
“There is no malware that incorporates this vulnerability,” said Trusteer CEO Mickey Boodaei to V3. “Moreover, Trusteer has accurate intelligence on the fraudsters who wrote, sold, and published this code, which we shared with law enforcement agencies.”
“This is just one out of many attempts to circumvent Rapport, which we fight on an ongoing basis. This time with great success as the group that wrote this code is most likely responsible for various fraudulent activities against UK banks”
According to the independent security researchers who first spotted the exploit though, despite Trusteer’s downplaying of the situation, bank customers remain at risk.
The Register reports that Digital forensics firm Group-IB, who noticed the issue on cybercrime forums, said that the exploit offers a means to bypass the browser lockdown technology.
“With the help of this new exploit it is possible to intercept users' credentials when Trusteer Rapport is active,” said Group-IB’s head of international projects Andrey Komarov. The Reg also says that members of the cybercrime forum have started using the trick to bypass Rapport, giving them access to credentials including login details.
Don’t take security at face value
While there is every chance that Trusteer is genuine when it says the vulnerability has no impact on Rapport’s ability to block malware, you as a customer cannot take any chances when it comes to the protection of your sensitive data online. It is therefore essential that you move to install your own security software in the form of cloud web security, to ensure your systems are protected at cloud level and all viruses, spyware and malware is nullified before it reaches the network.