Date: Sat Aug  6 01:34:35 2005
From: fractalg at highspeedweb.net (fractalg@...hspeedweb.net)
Subject: Defeating Citi-Bank Virtual Keyboard Protection

Hi,
 
> As per my knowledge, there are no such keyloggers or spywares which use
> any technique to defeat virtual keyboards.
> However, the technique that I am going to discuss here can be used by
> malicious program writers to write next generation viruses / worms to
> defeat such virtual keyboard protections.
> Hence, I hope people who are using Virtual Keyboards shouldn't stay very
> over-confident.

Very wrong ;) There are such keyloggers in the wild...I had to "decipher"
the logs of a keylogger that was attacking some banks over here. The logs
had all the information, and all the banks in question used virtual
keyboards.
I had no chance to analyse the program...
Virtual keyboards are not the solution. A much "better" alternative is a
stealth program that proxies the transactions.
Call it a second order trojan, sitting there, stealthy, doing nothing, and
when it sees some interesting transaction, just redirects it to another
account, for example. That would be much harder to detect.
The incident in question wasn't very hard to manage, because we had the
login to the dump site, and logs were deciphered.
That's one of the problems with keylogger attacks: what it captures must be
dumped somewhere.

fG!

