Proxy Trojans of the Modern World
The holiday season is fast approaching and because of the convenience it brings; many people are shopping for gifts via online. Money will be fast rolling on the web because of online banking and online transaction on the Web. But, because of this the danger of cyber crimes is also looming on the horizon. One such threat is the Proxy Trojans, and Proxy Trojans are divided into 3 major categories – keyloggers browser-session recorders and Man in the Browser.
Keyloggers
Keyloggers are basically the most primitive Proxy Trojan; unaware to the victims this Trojan will record their information as they log-in into some online application. Then the information will be sent to a certain server. One best example would be the situation that happened last year on hotmail, where thousands of accounts where captured by these Trojans.
At start, experts believed that these attacks where the result of phishing but closer inspection and investigation showed that these attacks where caused by keyloggers. And since keyloggers are the most primitive of the Trojans, it is easier to spot them with the use of a simple pen testing which must be accomplished by individuals who have undergone pen test training.
Browser-session Recorders
One of the advanced Proxy Trojan is those Trojans who has the capabilities to record the victims’ browser sessions. Because of this type of Trojan, hackers can gain additional knowledge and information from their victims like PIN codes, credit card informations and even the answers of security questions. Once they have all this information, then hackers can then impersonate their victim and replay their previous session. One example of Trojan with this capability is the Zeus V2 and thousands and thousands of computers are infected with Zeus V2.
Man in the Browser
Man in the Browser or MITB is the most complicated and sophisticated Trojan that hackers can install in their victims’ desktop and browser. In short, this type of malware is designed to inject HTML codes into the victims’ browser whenever they make banking transactions and such other transactions that involve cash. The Trojan will be the one interacting with financial institutions or banks and the transactions being done are being done in the name of the victim, but this is unknown to them.
To make it simple, if a victim wants to make transactions with his bank account, the MITB will direct the transaction and the funds of the victim will be transferred into a mule account. When the bank will request to verify the transaction, the MITB will then modify the banks request to suit the victim’s request. Once it is verified, then the bank will continue its transfer and the victim will be losing funds unknown to him or her.
MitB in the Internet
Trojans with MITB capabilities are Zeus Gozi, Sinowal, SpyEye and URLZone. But banking institutions has employed new methods to deter these Trojans like the one-time password and the two-factor authentication. Because of these new methods, the threats of Proxy Trojans have lessened, but hackers don’t want to fall behind. The capabilities of some MITBs are greatly improved and one such example is the SilentBanker Trojan. SilentBanker Trojan has targeted hundreds of banks and it has the capabilities to intercept the online transactions of banks even if they have two-factor authentication guarding their system.
MitB in the Future
Sooner or later, MITBs will be one of the major concerns of internet security experts because MITBs will surely evolve much further than what they are now. The sophistication and how MITB works will grow in the future; the codes of these Trojans will evolve to bypass different security fences that have been developed. Soon, MITB will not only target banks but other online applications and also these Trojans will become even more prevalent on the Web.
Internet users must be aware of Proxy Trojans and look for ways to avoid infecting their system with the said threat. But the responsibility to deter Proxy Trojans does not fall only to the Internet users; websites with online services must invest in the necessary professionals as well as tools and gadgetry to combat Trojans. This allows them to make safe and secure transactions with their clients. There are many ways to reduce Trojan threats; users can conduct security check on their desktops, pen test or any other system check that could detect, remove and prevent Trojans. While companies can have stronger system, proper profiling of clients, improve authentication and tracking of each transaction.
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cybersecurity and e-commerce. It is the owner and developer of 20 security certifications. EC-Council has trained over 90,000 security professionals and certified more than 40,000 members. These certifications are recognized worldwide and have received endorsements from various government agencies. They also offer trainings in penetration testing.
More information about EC-Council is available at http://www.eccouncil.org.
Processing your request, Please wait....
