Where do we stand with banking trojans today?

Candid Wüest Symantec

  download slides (PDF)

For nearly ten years have we been fighting against malware that targets online banking. Trojans like Zeus, SpyEye, Torpig & co. have managed to loot millions of dollars from infected user accounts over the years.

This paper will analyse the current state of online banking malware. How sophisticated are the current versions of these trojans and how did they evolve? What techniques are currently used to bypass the security measures of online banking applications? Are man-in-the-browser attacks still the most sophisticated ones, or are other attacks like proxies or DNS redirections taking over? How much do the attackers focus on mobile banking or tokens on mobile phones like mTANs since these features have been introduced to create a second authentication channel, independent from the infected PC, in order to protect against trojan attacks?

We will dissect new features like the P2P option of Zeus, but also lesser known methods like the Firefox XUL injection used by Trojan.Neloweg.


We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.