Friday, October 05, 2012

"MitB" malware can "missprocess" payments in real time


A news story by Kyle Wagner on Gizmodo reports that a new kind of malware can steal or modify payment info from an Internet browser in “real time”.  The item is called “Man in the Browser”, or “MitB” (not “Mitt’), which apparently got more sophisticated recently.   In the past, it had acted like a typical keylogger.  But now it can really process payments in real time to a fake institution.

The link for the story is here.

The story would tend to imply that it’s important to see the “verification” image when you log on to a bank’s browser so you know that you really reached the bank’s true site.   Always log in directly with the URL yourself, not from a link.

The article (and particularly the comments) recommends some new encryption products.  

No comments: