Description: VB2013 presentation by Fabio Assolini and Andrey Makhnutin (Kaspersky Lab)
Proxy auto-config (PAC): a resource from modern browsers that is extremely useful on corporate networks has been (ab)used by bad guys to steal millions from bank accounts around the world.
Its malicious usage has been known about since 2003, but it is among Brazilian (cyber)criminals that this technique has been improved and refined, and more recently shared among cybercriminals from Turkey and Russia.
The attacks are reaching a level of complexity and efficiency that has not been seen before, allowing a complete bank account hacking with just a 1KB file. Using a lot of creativity these malicious scripts allow man-in-the-middle, impersonation of HTTPS connections, in a silently web-based and highly effective attack.
These malicious scripts remain off the radar of most anti-malware companies - some have failed in detecting and blocking them. In this presentation we show the evolution of the attacks, how the bad guys are bypassing detection, the spread of the attacks and how to create a good detection to deal with the problem.
Note: We apologies for the sub-optimal quality of the video. This was caused by a problem with the recording and not by Fabio's slides.
For More information please visit: - https://www.virusbtn.com/index
Tags:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.