BYPASSING MALWARE DETECTION MECHANISMS IN ONLINE BANKING, presented at Black Hat Asia 2015

by Jakub Kaluzny, Mateusz Olejarka

Summary: Online banking applications are particularly exposed to malware attacks. To minimize losses, banks have invested in malware detection mechanisms that do not run as programs on the client machine but operate either server-side or through JavaScript in the risky application. We have tested many solutions that use different detection methods, such as behavioral patterns, web inject signatures, or user input analysis. Our research points out clearly that even "100% malware proof solutions" have serious implementation errors. It is only a matter of time before malware creators start aiming their guns at these vulnerabilities, effectively bypassing or abusing costly countermeasures. Is it a road to failure or can we improve them?