Criminals using real-time hacks to target businesses
Real-time services like Twitter have transformed the web, but criminals are using the same techniques to get past security roadblocks.
A malware researcher has warned about hackers using the real-time web' to target the web pages of businesses like banks and other financial institutions.
Joe Stewart, director of malware research for SecureWorks, spoke to the New York Times about a Trojan called Clampi', which used real-time techniques to attack people who could access corporate bank accounts with particularly big balances.
After the trojan was planted in machines it sent a real-time stream of the user's actions using modified instant messaging software. The hacker could then log in to a user's bank account.
If the bank account was using a one-time temporary password, the hacker could also copy this if it was used. These funds would then be transferred to wherever they needed to go.
Stewart said to the New York Times: "What everybody thought was a very secure identification method, these guys found a low-tech means to get around it."
"They don't break the encryption, they just log in at the same time you do," he added.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.