Phishing & BotNets
In-session phishing Jan 08 2006 12:53AM
Matt Richard (matt richard gmail com) (1 replies)
Re: In-session phishing Jan 08 2006 10:14AM
Rafael San Miguel Carrasco (smcsoc yahoo es) (1 replies)

Have you considered the fact that the pop-up may be triggered as a result of
a second-order injection attack?
Malicious JavaScript code would have been injected by the attacker in
his or her own session, then triggered when other users log in.
I remember something similar (not in e-banking though) happening a few
months ago.

Greetings,

Rafael San Miguel Carrasco

Matt Richard wrote:

>I recently heard rumors of several financial institutions impacted by
>"in-session phishing". The description of the attack was that the
>user would log in to their internet banking site and shortly after a
>pop-up would appear with a "Security Confirmation" page requesting
>personal information to allow continued use of the internet banking
>site.
>
>From the information I have been able to gather it appears that the pop-up
>is triggered by local malware on the end user's PC. What makes this
>interesting is that the attack may have been targeted at a specific
>internet banking vendor that services small financial institutions. I
>am under the impression that the site hosting the "Security
>Confirmation" page has been taken down and unfortunately I don't have
>any other details.
>
>My questions to the list are:
>
>1) Other than some older malware (Bugbear.B) and general purpose
>keyloggers is anyone aware of malware used for similar "in-session"
>phishing?
>
>2) Has anyone heard or seen this specific method in use?
>
>--
>Matt Richard
>http://www.mullingsecurity.com
>
>
>



 

Copyright 2010, SecurityFocus