On 11 Sep 2010, at 16:58, "Wall, Kevin" wrote:
> On Sep 10, 2010, at 5:34 PM, smurray1 wrote:
>> Hello,
>>
>> I have been discussing an issue with an organization that is having
>> an issue with malware on it's customer's clients that is intercepting
>> user credentials and using them to crea
Just to echo the other comments - there's already malware out there
that handles per-transaction authorization codes and substitutes in
its fraudulent transaction for the real one. (If you look at some of
the banking thefts against small & medium businesses, that's what's
happening.) So this sche
Completely agree with Jim and Kevin. Once the client host is compromised
you can't trust the client. On the server the best you can do is monitor
for unusual page flows, click rates that are too high (or time to complete
a form is too high), monitor for transactions outside of the norm for th
On Sep 10, 2010, at 5:34 PM, smurray1 wrote:
> Hello,
>
> I have been discussing an issue with an organization that is having
> an issue with malware on it's customer's clients that is intercepting
> user credentials and using them to create fraudulent transactions.
> (man-in-the-browser type atta
I do not think this will work. Once your browser is trojaned, it's
game over. The Trojan has the capability to just sit in your browser
and wait for the user to log in. (Trojans do not need to steal
credentials to cause harm). Once the user has logged on, the Trojan
can simulate any user activity s
Hello,
I have been discussing an issue with an organization that is having an
issue with malware on it's customer's clients that is intercepting user
credentials and using them to create fraudulent transactions.
(man-in-the-browser type attacks similar to what Zeus and other trojans
are capa