New Trojan Using HTML Injection on Bank Sites
A new Trojan, called Limbo, is making the rounds that inserts data fields into the legitimate web sites of banks, according to Computer World. This is different than a phish, which is a totally bogus duplicate of a legitimate site.
The Trojan was reported by RSA and uses several routes to get onto a user's machine. These include pop-up messages that download programs.
Unlike other injection attacks, this one actually inserts HTML code, with additional fields, right onto a bank's web site, even while the user might be logged in.
The Trojan was reported by RSA and uses several routes to get onto a user's machine. These include pop-up messages that download programs.
Unlike other injection attacks, this one actually inserts HTML code, with additional fields, right onto a bank's web site, even while the user might be logged in.
posted by The IT Security Guy at 9:27 PM
0 Comments:
Post a Comment
<< Home