This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP Anti-Malware - Knowledge Base

From OWASP
Revision as of 07:38, 11 May 2009 by Gfedon (talk | contribs) (Banking Provided Security Measures)

Jump to: navigation, search

Introduction

Banking Attack Process

Banking Malware Families

Silent Banker

Adrenaline

Zeus

Limbo/Nethell

Torpig/Sinowal/Mebroot

Banking Provided Security Measures

Password

TAN (Gridcard, Scratch Card)

OTP (Time Based, Click Based)

CAP (Random Nonce, Challenge Response)

SMS Challenges

Cellphone Caller-ID

Threat Modeling for Banking Malware Attacks

Enumerate the interesting targets

Define the path to the targets (Transition graphs)

Apply trust boundaries (security measures)

Define the weaknesses of the security measures adopted

Security Rating

References