"Think Inside the Box"  HomeATM encrypts online banking authentication AND cardholder data outside the browser and inside their PCI 2.x Certified PIN Entry Device where it is "instantaneously" encrypted in order to prevent said data from EVER entering the web browser in unencrypted format. 



Wired has an interesting story on the newly discovered and obviously next gen online banking Trojan known as URLZone or urlZone.  It seems it is able to recognize when "IT is being monitored" and provides investigators with fake information designed to throw them offtrack.  Amazing. 



Allow me to "compose" an analogy which also ties into the photo displayed on the right:  Apparently Browsers are to Hackers what the Piano was to Beethoven...


Anybody still doubt that browsers are unsafe and it's time to start conducting financial transactions "outside the browser" cause, man, these hackers are not only winning the battles, they are winning the war.  It's time to drop the weapon of botnet destruction...




Bank Malware Serves Fake Info to Thwart  Investigators



Researchers tracking a gang of online bank thieves found that the criminals have deployed a devious means to thwart law enforcement and anyone else trying to monitor their activities.




Here's an excerpt from Wired:



"The gang behind the URLZone trojan, which siphons money from online bank accounts and then alters a victim’s online bank statement to hide the fraud, have also devised a method to hide the accounts of mules they use to launder the siphoned funds.



Researchers at RSA’s FraudAction Research Labs say the gang was aware that their malware was being tracked by investigators, so they programmed their command and control server to generate non-mule accounts to make it more difficult for law enforcement and fraud investigators to halt laundering through the real accounts.



Read the Article in it's Entirety at Wired.com 




I've got more on urlZone (and other Trojans) here...and below:  Online Banking Trojans Infesting the Web (pindebit.blogspot.com)









Reblog this post [with Zemanta]

Posted by John B. Frank Tuesday, October 6, 2009

0 comments

Payments Industry News Blog

Search the PIN Debit Blog by Subject

Kapersky Calls for Mass Adoption of Card Readers

Kapersky Calls for Mass Adoption of Card Readers