My bank recently recommended that I download security software Trusteer Rapport which runs in the browser's background.
The software has been around since 2008.
Comment back then:
“Some of today’s nastiest data-stealing malware works by hijacking these Windows APIs. For example, keyloggers simply hijack or ‘hook’ the Windows API that handles the transmission of data from user interfaces, such as the keyboard and mouse. A more advanced type of malware – known as a ‘form grabber’ – hijacks the ‘WinInet‘ API – which sets up the SSL (think https://) transaction between the user’s browser and the encrypted Web site. By hijacking this API, a form grabber can rip out usernames and passwords even when the user is submitting them into a site that encrypts the data during transmission because it grabs that information at the lower level of the operating system, before it is encrypted.
Trusteer’s software examines these and other vital Windows APIs to see if any other process is trying to intercept sensitive data. It then blocks those that do.”
Update on this software:
krebsonsecurity.com/2010/04/a-closer-look-at-rapport-from-trusteer/How safe are you online?
identity-crisis
Comments