Presentations‎ > ‎

The Man, the Banker and the Browser

Authors

Andrei Saygo and Patrik Vicol

Abstract

Nowadays, malware uses a variety of methods to try to cover its traces and remain hidden from the user so that it can perform its malicious actions without arousing suspicion. The Man-in-the-Browser (MitB) attack is one such method that, if successful, allows malware to initiate other kinds of attacks, like SSL session stealing and even smart card communication interception.
We will dive into different types of attacks and show how the technical bits and pieces are put together by malware authors to achieve their end goal of theft, whether it’s money, personal information, or other sensitive items.
Finally, we will talk about the different measures that are put in place to prevent information from being stolen and how effective each of these measures are.

Slides

Download the Powerpoint version or the PDF version.