Man in browser

I’ve heard of some “man in browser”, a trojan that hijacks your browser. It’s specific for an American bank. The trojan makes some extra money transactions but deletes them from the receipt, so the user won’t notice anything unless the missing money is discovered.

I suppose (at least I hope) Defense+ would notice such a trojan to be executed, so the user can prevent it from hijacking the browser?

Is this the man in the middle (or one of the men) that Melih refers to sometimes?

/LA

Here is a description:

It appears that it is a Trojan that uses your broswer so you shouldn’t visit any weird websites, you should install antivirus and antispyware and make sure it has active protection :smiley:

Pablo

Can’t see it executing without v3 knowing about it!
V3 has A-VSMART technology built in… difficult to bypass it and protects you from more viruses/malware than other AVs can detect!

Melih

i’d agree that V3 would detect that, but any savy pc user would also have other software to help against such attacks, AV software as well as spyware software and something along the lines of Winpatrol that detect Browser Helper Objects (BHO’S)

ofcourse…

I am all for layered security…
here is a small article i wrote about this
https://forums.comodo.com/melihs_corner_ceo_talkdiscussionsblog/layered_security_why_this_is_the_only_way_forward-t10172.0.html

Melih

i am a firm believer in the benefits of layered security and being security conscious, thank you for the link to the other thread!

Ah, thanks for the confirmation. No invited uninvited guest shall ever enter my browser! :slight_smile:

Pablo, good link.

LA

invited? or un-invited :slight_smile:

Melih

LOL, a little mistyping! :slight_smile:

/LA

Well. Id say its not possible. A man in the middle really dosnt watch your browser so much, just your traffic in general. Assuming the D+ was on BEFORE the trojan installed D+ will notify you. If the trojan was on before D+ then im not sure if D+ will notice it, its quite difficult to detect a ‘man in the middle attack’ with a software firewall. If you have a router then the middle man attack is surely foiled. (Unless the router is on DMZ)

hmmm…sounds interesting…does anyone know where can i get this “man in the browser”?

cg

When all this is, is a trojan that is designed to read your HTTP traffic and relay it to the hacker.

I stumbled across this:

http://www.symantec.com/enterprise/security_response/weblog/2008/01/banking_in_silence.html

LA