MITM attack on internet banking

March 27, 2014

PhishLabs has discovered a new man-in-the-middle attack on internet banking. The malware, spread through infected RTF files, changes the DNS server on the victim’s system and installs a new SSL certificate. Once the victim types the internet banking address into the browser, the malicious DNS server directs them to the attacker’s website rather than to the legitimate internet banking website. The SSL certificate allows the fake site to look completely legitimate, including the icon of the HTTPS connection. The only way to defend against these types of attacks is a properly implemented two-factor authentication method. PhishLabs has identified four of the DNS servers serving fake internet banking sites for more than 70 banks operating in Europe and North and South America.
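A host-side check for the two changes described above (a replaced DNS server and a newly trusted certificate), as an added example that is not from PhishLabs or the original post. It assumes a Windows host whose `ipconfig /all` output and root-store thumbprints have already been collected; the sample data, allowlist, baseline and function names are constructed for illustration.

```python
import re

# Constructed sample of `ipconfig /all` output (assumption: Windows host).
IPCONFIG_SAMPLE = """\
Ethernet adapter Local Area Connection:

   DHCP Enabled. . . . . . . . . . . : Yes
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 203.0.113.66
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""
# Constructed (thumbprint, subject) pairs standing in for the trusted root store.
ROOT_STORE_SAMPLE = [
    ("AA" * 20, "CN=Example Trusted Root (constructed)"),
    ("bb:" * 19 + "bb", "CN=Unknown Root (constructed)"),
]
ALLOWED_DNS = {"192.168.1.1"}      # resolvers this network is expected to use
BASELINE_ROOTS = {"aa" * 20}       # thumbprints from a known-good image

def parse_dns_servers(ipconfig_text):
    """Return every DNS server listed, including indented continuation lines."""
    servers, in_dns = [], False
    for line in ipconfig_text.splitlines():
        first = re.match(r"\s*DNS Servers[ .]*:\s*(\S+)", line)
        if first:
            servers.append(first.group(1))
            in_dns = True
        elif in_dns and line.strip() and not re.search(r"\.\s*:", line):
            servers.append(line.strip())   # extra resolver on its own line
        else:
            in_dns = False                 # next "Label . . . :" ends the list
    return servers

def _norm(thumbprint):
    """Normalise thumbprint formatting (case, spaces, colons) before comparing."""
    return re.sub(r"[^0-9A-Fa-f]", "", thumbprint).upper()

def audit_host(ipconfig_text, root_store, allowed_dns, baseline_roots):
    """Flag an unexpected resolver and any root certificate not in the baseline."""
    bad_dns = [s for s in parse_dns_servers(ipconfig_text) if s not in allowed_dns]
    known = {_norm(t) for t in baseline_roots}
    new_roots = [subj for t, subj in root_store if _norm(t) not in known]
    # Both changes together match the pattern in the report; either alone needs review.
    severity = "high" if bad_dns and new_roots else "review" if bad_dns or new_roots else "ok"
    return {"unexpected_dns": bad_dns, "unbaselined_roots": new_roots, "severity": severity}

if __name__ == "__main__":
    print(audit_host(IPCONFIG_SAMPLE, ROOT_STORE_SAMPLE, ALLOWED_DNS, BASELINE_ROOTS))
```

Because the fake site presents a certificate the host has been made to trust, the browser's HTTPS indicator gives no warning; comparing resolver and trust-store state against a known-good baseline is what surfaces the change.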

