KL - Remote toolkit making online banking fraud easy

KL-Remote is giving Brazilian fraudsters a user-friendly "virtual mugging" platformAnother user-friendly attack toolkit is on the market, and it's perfect for the budding Brazilian banking fraudster. It's got an attractive, user-friendly interface that includes a "start phishing" button. And it effectively circumvents both two-factor authentication and device identification protections.IBM Security Trusteer released details today about this KL-Remote, a remote overlay toolkit that performs what it calls "virtual mugging." Unlike banking Trojans, KL-Remote is less automated (because where's the fun in that). It requires attackers to do some manual sleight of hand, but it makes it very easy to pull off.The toolkit is distributed by being embedded in other malware. It comes preloaded with a list of targeted banking URLs. When the infected user visits one of those sites, the malware operator gets an alert and can then decide whether or not to proceed with an attack.Read more

Rate this article: 
No votes yet