New browser malware found
So-called Man in the Browser scam is a common attack by hackers, which relies on people clicking on a link that will take them to a phony Web site. There, malware waits to scoop up any personal information that is entered.
Now a new version has been discovered, says a Boston company that makes endpoint solutions. As this story in NetworkWorld U.S. outlines, Trusteer CTO Amit Klein says the latest iteration can hide on any Web site. Klein dubs it the Universal Man in the Browser.
(Graphic from Shutterstock)

This is no creation of a prankster. According to Klein, the sophistication of its creators is revealed by the fact that there’s a Web portal ready to sell the data that the malware has harvested. What apparently makes this malware cunning is that it can forward data in real-time to scammers; the MitB attack captured data that needed to be filtered.
According to Trusteer, the malware at the moment isn’t on many Web sites. If so, they only have a short period of time to mount a defence.

Related Download
The Evolution of Vendor Risk Management in Financial Institutions Sponsor: BitSight
The Evolution of Vendor Risk Management in Financial Institutions
The financial services industry has long been a pioneer in developing risk management practices. As third party data breaches have increased in recent years, regulators and organizations have moved from relying solely on static questionnaires and assessments, to continuously monitoring the security of vendors.
Register Now