Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

HSBC browser plugin attacked by Trojan

Trusteer's Rapport software fends off targeted attack

Article comments

A popular anti-keylogging tool used by online banks such as HSBC, Trusteer’s Rapport, has come under direct attack by malware writers trying to bypass its protection settings.

In a discovery reported made by fellow security vendor Webroot Software, a Trojan the company names ‘Phisher-Rancor’ runs a batch file that tries to close down the Rapport app, while a second variant targets a separate binary, config.js.

Luckily, the malware fails to overcome Rapport’s built-in protection mechanisms, starting with its ability to reload itself if closed down, a characteristic common to all anti-malware programs.

Related Articles on Techworld

Although the Trojan fails, Trusteer will doubtless take the attempt as a clear warning.

“While this appears to be an isolated (and, for now, totally inept) incident of an easily defeated phishing Trojan that attempts to disable this particular anti-phishing software, it isn’t a good idea to underestimate the enemy. Clearly this attempt was a failure, but the next one might not be,” says Webroot researcher, Andrew Brandt.

Malware that tries to disable anti-virus engines or blocks access to specific update or security websites is an absolutely standard part of the criminal arsenal. In recent times it has been unusual for this tactic to achieve much success.

Trusteer's CEO, Mickey Boodaei, also emphasised that Rapport's use by banking sites depended on more than the application's integrity itself.

"Criminals are trying to disable Rapport as while it's active they're unable to commit fraud or steal information. The Rapport software client is just one component in a wider fraud prevention solution that Trusteer provides to banks. Attempts to disable Rapport are detected and addressed not just by the Rapport client itself but also various other system components in the cloud and on the bank's servers," he said.

What is more unusual is the targeting of a single, specific app in a targeted manner. Trusteer is itself a targeted approach to security, protecting online banking communications by verifying websites in a way that can also be used to set up an encrypted channel between a user’s browser and the banking systems.

It is secure enough that UK bank HSBC has encouraged its customers to use it with its own servers. The tool can also be used by any user at no cost for domain lookup (up to a maximum of 100 sites) although the most secure mode does require that the institution in question integrates it with their login system.

Supported browsers include IE. Mozilla Firefox and Google’s Chrome.



Share:

More from Techworld

More relevant IT news

Comments

DaBanker said: Glad to see this happen to HSBC worst banking system I have ever had the ill pleasure of dealing withmay you go tits up



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *