Webinject Crafting Goes Professional: Gozi Sharing Tinba Webinjects
- by nlqip
More Complexity to Come
The profession of webinject crafting is being reflected in Trojan campaigns against banks. We can only guess whether the resemblance between the webinjects is a result of a cooperation or of both fraudsters buying webinjects from the same third party. Either way, a great deal of fraud business logic is now implemented in JavaScript and contained in the webinjects.
We expect the complexity of webinjects to increase, along with their roles in successfully committing malicious transactions. This trend is being closely monitored by our researchers. What remains to be seen is whether the “production” of these webinjects, which use shared rather than custom code, increases the risk that more organizations, and smaller organizations, may be attacked.
Sampled Tinba md5: a01412b41e1837754be907d6989472e5
Sampled Gozi md5: e4d8cc25266ae39a5e5e87c7048f15f3
Source link
lol
More Complexity to Come The profession of webinject crafting is being reflected in Trojan campaigns against banks. We can only guess whether the resemblance between the webinjects is a result of a cooperation or of both fraudsters buying webinjects from the same third party. Either way, a great deal of fraud business logic is now…