The Internet is not Free - Carberp Targets French Broadband Subscribers

By Tanya Shafir

New York, (PresseBox) - Last year, Carberp emerged on the online banking fraud scene as a competitor to the dominant financial malware platforms Zeus and SpyEye. Trusteer recently discovered a configuration of Carberp that targets Free, a French broadband Internet service provider (ISP). The attack is designed to steal debit card and bank information using a Man in the Browser (MitB) attack.

Free offers an ADSL service, called Freebox, to its customers. When subscribers visit their online account page Carberp launches an HTML Injection attack after the user has logged-in. The victim is presented with a page that claims Free is having a problem processing their monthly subscription payments with the financial institution, and requests that the user update their payment account details.

The malware then asks the user to submit their payment card number, expiration date, security code (CVV2), bank name, bank address, zip code and city. The victim is told that this information must be updated in order to make monthly payments and maintain their service.

"This latest Carberp attack is another example of fraudsters moving downstream from online banking applications to web sites that process debit and credit card payments", said Tanya Shafir, researcher at Trusteer. "By launching MitB attacks that target customers of third party service providers, rather than the banks themselves, fraudsters can prey on the trust established between the victim and a non-financial entity like an ISP. Furthermore, most of us are extremely reliant on broadband services for work, entertainment, and shopping. When faced with the prospect of having our Internet connection turned off for not paying the monthly bill, it is easy to see how even the most security conscious users could fall prey to this type of scam."

Fraudsters continue to demonstrate both creativity and resourcefulness in their choice of targets. As financial institutions tighten the security around their online banking applications, Trusteer expects criminals will increasingly target customers that pay for third party services on line. Stealing credit and debit card information allows them to commit low risk and high reward card not present fraud.

"The one variable that does not change whether a MitB attack targets an online banking application or an ISP account management application is the scene of the crime. In both situations, the fraud is made possible by hijacking the web session at the endpoint. Whether the target website belongs to a wireless phone company, newspaper publisher, grocery store, etc., doesn't matter. Protecting the browser is key to defeating the next attack being dreamed up by fraudsters," said Shafir.

Press releases you might also be interested in

Weitere Informationen zum Thema "Sicherheit":

IT-Security frustriert Anwender

Ho­he Si­cher­heits­aufla­gen im Un­ter­neh­men hem­men Pro­duk­ti­vi­tät und In­no­va­ti­ons­f­reu­de der ei­ge­nen Mit­ar­bei­ter. End­an­wen­der füh­len sich da­durch fru­s­triert. Zu die­sen Er­geb­nis­sen kam ei­ne Stu­die im Auf­trag von Bro­mi­um.


Subscribe for news

The subscribtion service of the PresseBox informs you about press information of a certain topic by your choice at a choosen time. Please enter your email address to receive the email with the press releases.

An error occurred!

Thank you! You will receive a confirmation email within a few minutes.

I want to subscribe to the gratis press mail and have read and accepted the conditions.