Kaspersky Lab Has Patented Technology that Detects Man-in-the-Browser Attacks
OREANDA-NEWS. September 20, 2016. Kaspersky Lab has been awarded a new patent from the United States, for a technology that counteracts the tricks of financial cybercriminals. The new technology detects the implementation of HTML code into a page opened by a client’s browser (Man-in-the-Browser attack).
The technology is based on the use of special "scanning" web pages, which are integrated with a specific HTML code, to encourage malware to reveal its functions. The creators of financial malware often modify HTML codes for the websites of banks. When a client tries to open the necessary page, the malicious program detects this activity and modifies the design of various elements of the web pages (firstly, the input field), and then steals the authentication data entered, or changes the account numbers, to redirect where money is transferred.
Kaspersky Lab experts have developed a kind of ‘trap’- a banking page which has the hallmarks of different financial institution sites (the fragments of HTML code specific to the web pages of banks and payment systems). This technology is already widely used in Kaspersky Fraud Prevention Clientless Malware Detection, which was developed to prevent attempts to access customer bank accounts from infected devices. Once such a web page is opened from an infected device, the malicious program utilizing the Man-in-the-Browser technique will recognize it as the bank's website and try to make changes that will be immediately detected by the system.
"Considering the fact that Man-in-the-Browser technology is implemented by many families of banking trojans, our technology can be used in solutions to protect online banking, as an indicator of infection,” said Denis Gorchakov, senior fraud analyst at Kaspersky Fraud Prevention. “If an attempt is made to embed HTML code, it’s highly likely that the user device is infected. Having detected such an attempt, the bank can block the transaction in time to protect its customer’s money from theft. We can also help the users affected by fraud to eliminate the consequences of infection with our specialist Kaspersky Fraud Prevention for Endpoints solution.”
More details about Kaspersky Fraud Prevention Clientless Malware Detection are available here. Currently, Kaspersky Lab’s portfolio includes 450 patents issued in Russia, the U.S., the EU and China. In addition, over 320 patent applications are currently under consideration by the patent authorities in these countries. The description of the technology and patent can be found on the USPTO website.
About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company founded in 1997. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them.