Feeds

Bank-raid Trojan jury-rigged to pwn 'major airport's network'

Intruder alert

Security for virtualized datacentres

A Trojan has targeted airport workers logging into their employer's private network, security researchers have claimed.

Crooks are believed to have modified the bank account-raiding Citadel Trojan, which is also used in ransomeware scams, and deployed it at a "major international airport hub" to access internal applications and files. It is understood officials and relevant government agencies have been warned of the infiltration. In response, the airport disabled remote access to the attacked virtual private network (VPN), according to security software maker Trusteer.

The man-in-the-browser attack, we're told, featured a combination of form grabbing and screen capture techniques to lift employees' usernames, passwords and one-time pass codes generated by an unnamed two-factor authentication vendor, which was has also been notified about the attack.

Trusteer said the affected vendor offered pattern-based authentication and it was this technology that was circumvented to pull off the VPN compromise.

After snapping a copy of the user's screen, the attacker would be able to figure out the permutation of digits, along with the one-time code stolen by the form grabber, to reproduce targeted user's login credentials.

Trusteer said the attack on the airport hub is a new tactic by crooks but not unprecedented. Other enterprises have being targeted by screen-capturing/form grabbing financial malware in the past, it said. Incidentally, the security firm also launched a Citrix-friendly version of Trusteer Rapport for Enterprise, which is supposed to thwart attempts to sniff passwords and other sensitive data. ®

Secure remote control for conventional and virtual desktops

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.