Financial Malware Focuses on Hiding malicious traffic, localization

Search Security – January 14, 2013 – Brandan Blevins, News Writer – As financial malware evolves and adopts new capabilities, a new report highlights how financial firms and consumers are struggling to fend off malware that uses sophisticated communications techniques, many of which are virtually impossible to detect.

Dr. Ken Baylor, research vice president for Austin, Texas.-based NSS Labs, authored The Cutting Edge is Honed, a look at how financial malware evolved during the course of 2013. Baylor found that the criminal crews behind the malware targeting financial firms are not resting on their laurels, with new, nearly impossible-to-stop features being added to already successful pieces of malware.

Among the new additions are cutting-edge, click-enticing capabilities that would make marketing firms salivate.

“They’re now able to do things such as take video captures of your screen so they can see when you’re filling out a pop-up that’s asking for your Social Security number to watch your mouse to see how many seconds you hesitated before you either ignored it or clicked through,” Baylor said. “So it’s quality assurance on how effective their pop-ups are at convincing you to hand over your information. We’re seeing a lot of innovation in this [area].”
[Read more]