Yet another way two-factor authentication has been bypassed:
For a user to fall prey to Eurograbber, he or she must first be using a computer infected with the trojan. This was typically done by luring the user onto a malicious web page via a round of unfortunate web surfing or email phishing attempts. Once infected, the trojan would monitor that computer’s web browser for banking sessions. When a user visited a banking site, Eurograbber would inject JavaScript and HTML markup into their browser, prompting the user for their phone number under the guise of a “banking software security upgrade”. This is also the key to Eurograbber’s ability to bypass two-factor authentication.
It’s amazing that I wrote about this almost eight years ago. Here’s another example of the same sort of failure.
Original news article at https://www.schneier.com/blog/ on December 11, 2012 at 12:34AM