Tier-3 Claims Internet Banking Authentication Systems Threatened By New Trojan
Tier-3 says that a new trojan, spotted in various forms by Symantec in recent weeks, now poses a potentially serious threat to most authentication systems being rolled out by banks to protect their electronic customers. Most banks’ two-factor authentication systems centre around the use of a customer-supplied password, plus a unique, one-time code generated by an electronic token such as a SecurID unit or a user’s mobile phone. Tier-3 claims that the new trojan, known as Silentbanker, allows hackers intermediary access to the information stream from the user, allowing them to create a man-in-the-middle type attack during an e-banking session. The company claims that this effectively counters the protection afforded users by the two-factor authentication technology. It is advised that e-banking clients keep their IT security software up to date, as this should help spot most trojans.