Difference between revisions of "OWASP Anti-Malware - Knowledge Base"

Revision as of 07:41, 11 May 2009

Introduction

Banking Attack Process

Early Stages

Attack Interactions

Details of Malware Attack Process

Silent Banking

Human Assistance

Banking Malware Families

Silent Banker

Adrenaline

Zeus

Limbo/Nethell

Torpig/Sinowal/Mebroot

Banking Provided Security Measures

Password

TAN (Gridcard, Scratch Card)

OTP (Time Based, Click Based)

CAP (Random Nonce, Challenge Response)

SMS Challenges

Cellphone Caller-ID

Threat Modeling for Banking Malware Attacks

Enumerate the interesting targets

Define the path to the targets (Transition graphs)

Apply trust boundaries (security measures)

Define the weaknesses of the security measures adopted

Security Rating

References

@@ Line 2: / Line 2: @@
 == Banking Attack Process ==
+=== Early Stages ===
+=== Attack Interactions ===
+=== Details of Malware Attack Process ===
+=== Silent Banking ===
+=== Human Assistance ===
 == Banking Malware Families ==

Difference between revisions of "OWASP Anti-Malware - Knowledge Base"

Revision as of 07:41, 11 May 2009

Introduction

Banking Attack Process

Early Stages

Attack Interactions

Details of Malware Attack Process

Silent Banking

Human Assistance

Banking Malware Families

Silent Banker

Adrenaline

Zeus

Limbo/Nethell

Torpig/Sinowal/Mebroot

Banking Provided Security Measures

Password

TAN (Gridcard, Scratch Card)

OTP (Time Based, Click Based)

CAP (Random Nonce, Challenge Response)

SMS Challenges

Cellphone Caller-ID

Threat Modeling for Banking Malware Attacks

Enumerate the interesting targets

Define the path to the targets (Transition graphs)

Apply trust boundaries (security measures)

Define the weaknesses of the security measures adopted

Security Rating

References

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools