This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Anti-Malware - Knowledge Base"
From OWASP
m (→References) |
(→Introduction) |
||
Line 1: | Line 1: | ||
== Introduction == | == Introduction == | ||
+ | === What is Banking Malware === | ||
+ | === How Banking malware deals with Web Application Security === | ||
== Banking Attack Process == | == Banking Attack Process == |
Revision as of 15:32, 3 January 2012
Introduction
What is Banking Malware
How Banking malware deals with Web Application Security
Banking Attack Process
Early Stages
Attack Interactions
Details of Malware Attack Process
Silent Banking
Human Assistance
Banking Malware Families
Silent Banker
Adrenaline
Zeus
Limbo/Nethell
Torpig/Sinowal/Mebroot
Banking Provided Security Measures
Password
TAN (Gridcard, Scratch Card)
OTP (Time Based, Click Based)
CAP (Random Nonce, Challenge Response)
SMS Challenges
Cellphone Caller-ID
Threat Modeling for Banking Malware Attacks
Enumerate the interesting targets
Define the path to the targets (Transition graphs)
Apply trust boundaries (security measures)
Define the weaknesses of the security measures adopted
Security Rating
References
- Kyplex AV Website Antivirus - Free website virus and malware scanner. The service is provided over the Internet. No installation required.