The banks use the online cryptographic protocols for exchanging information over the network, hackers and do not hesitate to adapt to this technology. A new case is wrong Secure Sockets Layer (SSL) certificates again shown at the end of the phishing threat, we saw last April and May (see our blog on forged digital certificates, phishing skirt, and an attack similar to Merrill Lynch) .
This time, is the site of Open Business Banking has been strengthened by the malware authors with Rock Phish Kit. The wrong side in the screenshot shows that some banks are in the Community Bank account:
Following the example of cases of phishing or malware, calls this site Spoofée customers a new security certificate. The website always shows the options for users of Windows and Mac users, but users arrive a. EXE, the execution of malware routines in their systems, their security, for secure online transactions, such as the security certificates do .
However, another certificate attacking seems even today, this time from Standard Bank. The wrong side (even with a rock phish URL) asks the user to download a 128-bit certificate update. In the file. Exe files have been downloaded, even malicious.
Trend Micro detects the downloaded files as two TROJ_SMALL.MJZ and TROJ_AGENT.ARNU, respectively. TROJ_SMALL.MJZ loads spyware detected as TSPY_PAPRAS.AR. TROJ_AGENT.ARNU downloads Possible_Crypt time, malware, a similar behavior shows the change in the DNS directories.
The attacker areas are now blocked by the Trend Micro Smart Protection Network. In addition, this technology detects the malicious executable on the desktop and offers solutions aimed at their elimination.
