One thing I've never understood about man-in-the-browser attacks is why a trojan bothers with all that in the first place. I don't see how more conventional attacks are obsolete.
Enhanced "MFA" (rarely are they true multi-factor) login systems banks use rely on setting a cookie to recognise the device and skip the "registration" process the next time. Some in the industry are bold enough to claim that the PC now serves as a physical authentication factor after this process... Why doesn't Zeus just steal the registration cookie, log the credentials, and move on? Yes, MiTB has other advantages. However, it seems like some in the media are treating Zeus like it walks on water for breaking what is a pretty weak process to begin with... -Nick
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
