http://news.techworld.com/security/3232010/trojan-attacks-credit-cards-of-15-us-banks/ By John E Dunn Techworld 14 July 10 The Zeus/Zbot banking Trojan is reported to be attacking the Verified by Visa and MasterCard SecureCode verification systems introduced in recent years to stop old-style card not present (CNP) fraud. Security company Trusteer, which has carved out a speciality in reporting on Zeus/Zbot bank Trojan activity, does not say where and how it encountered the latest attack, but reports that the it is aimed at customers of 15 unnamed US banks. Exploiting a man-in-the-middle browser attack when it encounters a desired bank login on an infected PC, the malware intercepts and spoofs the enrollment process through which credit card users are signed up for the first time by both major issuers, Mastercard and Visa, throwing users a convincing screen. This captures a range of sensitive information that could be used to carry out CNP fraud, including social security and card numbers, and PIN or card verification codes. This data is sent in real time to a server run by the attackers. [...] _________________________________________________________________ Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada July 24-29th, offering over 60 training sessions and 11 tracks of Briefings from security industry elite. To sign up visit http://www.blackhat.comReceived on Thu Jul 15 2010 - 01:08:05 PDT
This archive was generated by hypermail 2.2.0 : Thu Jul 15 2010 - 01:17:51 PDT