How attackers defeat session token protection

A Trend Micro Research Paper describes an ongoing attack that targets a number of countries worldwide. The attack is designed to bypass a certain two-factor authentication scheme used by banks. Operation Emmental is a complex operation that involves several components in order to defeat a particular online banking protection system used in several countries. The infrastructure required to pull the attack off is not inconsequential—the attackers need a Windows malware binary, a malicious Android app sporting various banks’ logos, a rogue DNS resolver server, a phishing Web server with several fake bank site pages, and a compromised C&C server.

In response, Trend Micro contacted the banks that the cybercriminals behind Operation Emmental attempts to phish so they could take appropriate measures to protect their clients.

Read the full paper here –

About The Author

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top