‘Insidious’ client-side malware targets banks through customers

Image source: Article

Image source: Article

Banks are at risk from a new kind of ‘client side injected malware’ attack, in which attackers install malware on the customer’s device and use it as a base to attack their bank as well as steal private information.

While man-in-the-browser attacks using injected ads, spyware scripts, unauthorised cookies and fake surveys designed to look like they are part of the bank’s website or app have been around for some time, the CSIM attack is a relatively new malware phenomenon which has grown rapidly in the last six months.

Read the full article