Over the last few years, the finance and banking industry has been tackling with a range of sophisticated financial malware including Zeus, Bugat, and the more recent Zitmo Trojan and their variants. Usually, banking Trojans are designed to extract authentication information transmitted between a users browser and a bank server. Recently, Internet security firm Symantec identified a new component based Banking Trojan. Security researchers have named the Trojan as Trojan.Tatanarg. Several components of the Trojan are installed on the targeted computer, which are capable of performing multiple functions. Tatanarg not only disrupts the anti-virus solutions installed on the computer, but also eliminates other malware such as Zeus Trojan. The Trojan could alter HTML in the browser and insert additional fields on a web page.
One of the features of Tatanarg is to hijack the cryptographic protocol connections such as Security Socket Layer (SSL) and Transport Layer Security (TLS) between the user browser and the bank server and acts a proxy. According to the company, Tatanarg uses the information disseminated from the bank to encrypt outbound traffic and nullifies the certification validation process by creating a dubious certificate on the users browser side of the connection. The Trojan creates an impression to the users that they are conducting banking transactions on a secure connection as they are able to view https in the URL as well as the padlock icon.
The Trojan extracts the authentication information submitted by unsuspecting users. Tatanarg also facilitates a remote attacker to control the compromised computer. A remote attacker may issue arbitrary commands to restart the affected computer, purge the browser cookies and terminate active programs and processes.
The extracted authentication information may be used by cybercriminals to steal funds from a users online banking account and conduct unauthorized transactions. The collected information may also be sold to their peers in the underground crime market. User awareness is crucial to combat the manifold threats from cyber fraudsters. Online computer degree programs and online tutorials may enable Internet users to acquaint themselves of different types of Internet threats and adopt safe computing practices. Users must vary from downloading malicious attachments and clicking on suspicious links. They must also regularly update the security software to add latest anti-virus signatures. Adherence to security advisories and software updates is vital to prevent breach of computer systems and protecting confidential information.
Information security is crucial to create trust among bank customers and ensure business continuity. Hiring professionals with IT masters degree and other security certifications may help banks in securing their computer networks.
Internet security firms are under constant pressure to deal with the evolving sophisticated threats from cyber-attackers. Online technology degree programs may enable security professionals to learn new techniques and skills that would help them to combat the latest threats and secure the IT infrastructure.
Cybercriminals are expected to evolve more advanced techniques to defraud individuals and corporates. Security firms and software developers must continue to invest in research and develop new technologies to enhance Internet security.
One of the features of Tatanarg is to hijack the cryptographic protocol connections such as Security Socket Layer (SSL) and Transport Layer Security (TLS) between the user browser and the bank server and acts a proxy. According to the company, Tatanarg uses the information disseminated from the bank to encrypt outbound traffic and nullifies the certification validation process by creating a dubious certificate on the users browser side of the connection. The Trojan creates an impression to the users that they are conducting banking transactions on a secure connection as they are able to view https in the URL as well as the padlock icon.
The Trojan extracts the authentication information submitted by unsuspecting users. Tatanarg also facilitates a remote attacker to control the compromised computer. A remote attacker may issue arbitrary commands to restart the affected computer, purge the browser cookies and terminate active programs and processes.
The extracted authentication information may be used by cybercriminals to steal funds from a users online banking account and conduct unauthorized transactions. The collected information may also be sold to their peers in the underground crime market. User awareness is crucial to combat the manifold threats from cyber fraudsters. Online computer degree programs and online tutorials may enable Internet users to acquaint themselves of different types of Internet threats and adopt safe computing practices. Users must vary from downloading malicious attachments and clicking on suspicious links. They must also regularly update the security software to add latest anti-virus signatures. Adherence to security advisories and software updates is vital to prevent breach of computer systems and protecting confidential information.
Information security is crucial to create trust among bank customers and ensure business continuity. Hiring professionals with IT masters degree and other security certifications may help banks in securing their computer networks.
Internet security firms are under constant pressure to deal with the evolving sophisticated threats from cyber-attackers. Online technology degree programs may enable security professionals to learn new techniques and skills that would help them to combat the latest threats and secure the IT infrastructure.
Cybercriminals are expected to evolve more advanced techniques to defraud individuals and corporates. Security firms and software developers must continue to invest in research and develop new technologies to enhance Internet security.
Source...