Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Rapport bank security tool under attack, says maker

Zeus and SpyEye tried and failed to beat software

Article comments

The Rapport browser plug-in used by many leading UK and US banks to secure online accounts has come under sustained attack by the Zeus/SpyEye Trojan, makers Trusteer have admitted.

Anti-Rapport attacks detected in the last two years ranged from an early 2009 attempt to de-install it from targeted PCs, to more recent incursions that simply tried to remove the process from memory, Trusteer CEO Mickey Boodaei said.

At least one Zeus attack had used the challenging but potentially serious technique of trying to undermine Rapport's security layer by compromising Windows itself, Boodaei added.

The details emerged after a skirmish last week with security rival Trend Micro on the claimed merger of the two most feared bank theft Trojans, Zeus and SpyEye. One development of this fusion was said to be a new feature that attempted to disable Rapport.

Trusteer subsequently put out a statement saying that the anti-Rapport malware module in question attempted to interfere with an element of its protection that blocked HTML injection.

“This is something that Rapport immediately detects and reacts to by removing the offending software from the computer,” read a response from Trusteer CTO, Amit Klein.

“Zeus has been launching direct attacks against Trusteer for the last couple of years now. There are several different attacks against Rapport incorporated into different versions of Zeus, all of which focus on disabling the software on customer computers. All are successfully blocked by Trusteer. We're probably the most attacked brand in the security industry today,” said CEO Boodaei in a statement offering further elaboration on the theme.

The Rapport system – which connects browser and bank system using an encrypted channel - is considered the leading anti-Trojan tool for online banks that don’t want to go as far as equipping users with access using virtualised-session USB sticks. An example of the latter approach would be IronKey.

The software is used by a range of banks, including ING Direct, Alliance & Leicester, First Direct, The Royal Bank of Scotland, NatWest, and HSBC, plus a range of institutions in the US and Canada.

Trusteer offers the argument that Zeus/SpyEye’s makers take a risk when they attack a specific program such as Rapport because in doing so the malware betrays its presence to monitoring systems.

“It seems to me that in their passion to differentiate service from other malware tools, the authors of SpyEye ignored a simple rule - for malware it's always better to keep a low profile,” said Boodaei of the latest attack.

According to Trusteer, Rapport is not the only security tool that has had to stay sharp to stop Zeus. Only three months ago, Microsoft’s Malicious Software Removal Tool (MSRT) lost its ability to detect the malware only weeks after first adding such capability.




Share:

More from Techworld

More relevant IT news

Comments

Hydara said: Great Product

JE Dunn said: The fully encrypted channel does require a server component however - Ed

Matthew Chambers said: I have been using Trusteer for several years and it is a great product One of the upsides is that you do not need to be a member of the participating banks The product can be downloaded and used absent of a subscription to these financial services You may also add additional sites to protect that are outside of what is offered as a base protected list of organizationshttpwwwinfostructioncom2



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *