Latest Cybercrime Threat: Device Cloning [source: americanbanker]

by CIRT Team

While much of the banking industry is distracted by the recent spate of distributed denial of service attacks, a new wave of cybercrime is about to hit online and mobile banking users’ devices.

In this scheme, crooks are creating virtual machines that are clones of customers’ real computers or mobile devices, including their IP addresses. Then many of the methods banks use to authenticate a customer can be compromised without the bank or consumer being aware. “This is an ‘in browser’ attack that uses an existing device …The device is identified as legitimate. So if that bank is relying on [device identification], the attack will work,” says Avivah Litan, a vice president and security specialist from Gartner.

RSA (EMC) reported it found a malware variant called Prinimalka-Gozi that reportedly will soon be used in a massive attack on banks. RSA, which has not identified targeted banks publically and did not return requests for common by Thursday, said that criminals will use the attack method to bypass device fingerprinting, or information such as web browser configuration, that’s used to identify a user’s computing device.

For more, click here.

CIRT Team

Recommended Posts

Training on cybersecurity awareness for Department of Women Affairs

25 Nov 2023 - Articles, English articles, News, News Clipping, Service

BGD e-GOV CIRT এর আয়োজনে আয়োজনে আর্থিক প্রতিষ্ঠান ও CII সমূহের সাইবার ড্রিল ২০২৩ চূড়ান্ত পর্ব অনুষ্ঠিত

22 Oct 2023 - Articles, Bangla Articles, CIRT In Media, News, News Clipping

WhatsApp down for millions of users globally: App not working for group and individual chats; Twitter gets flooded with memes

25 Oct 2022 - News, News Clipping