Bypassing Malware Detection Mechanisms in Online Banking

Presented at Black Hat Asia 2015.

Online banking applications are particularly exposed to malware attacks. To minimize losses, banks have invested in malware detection mechanisms which do not run as programs on the client machine but either server-side or as JavaScript in the risky application. We have tested many solutions which use different detection methods such as behavioral patterns, web inject signatures, or user input analysis. Our research points out clearly: even "100% malware proof solutions" have serious implementation errors. It is only a matter of time before malware creators start aiming their guns at these vulnerabilities, effectively bypassing or abusing costly countermeasures. Is it a road to failure or can we improve them?


Presenters:

  • Jakub Kaluzny - SecuRing
    Jakub is a Senior IT Security Consultant at SecuRing and performs penetration tests of high-risk applications and systems: web and mobile, network and embedded devices. He has spoken at many international conferences including OWASP AppSec EU, PHdays, CONFidence, HackInTheBox AMS, as well as at local security events. Previously, he worked for the European Space Agency. Apart from testing applications, he digs into proprietary network protocols, embedded devices, and other enterprise solutions.
  • Mateusz Olejarka - SecuRing
    Mateusz is a Senior IT Security Consultant at SecuRing. His key responsibilities are web and mobile application penetration testing, network infrastructure security assessment, and source code review. He previously worked as a software developer building software for the financial sector. He was a speaker at Polish conferences and meetings dedicated to quality assurance and security. Since 2011, he has been a board member of the OWASP Poland Local Chapter and co-organizer of chapter meetings.
