‘Son of Silon’ Financial Malware Discovered By Security Vendor Trusteer
New Trojan uses decoys and monitoring to evade detection and fight deletion.
Security vendor Trusteer has uncovered a type of financial malware that it claims is capable of avoiding detection by most types of anti-virus software.
The Trojan, dubbed Tilon, uses the so-called ‘Man in the Browser’ (MitB) technique: the malware injects itself into the browser and is then in full control of the traffic travelling between the browser and the web server.
“[Tilon] has an impressive list of supported browsers – Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, and probably others,” said Amit Klein, chief technology officer at Trusteer.
According to Klein, Tilon, which is related to the Silon malware Trusteer detected in 2009, is specifically targeted at online banking customers protected by two-factor authentication systems.
It is able to gain access to all login credentials and transactions, the company said, by capturing all form submissions and sending them to its command and control server.