New Trojan Trumps Two-Factor Authentication


The newly discovered Trojan, Eurograbber, is making news for more than just being a Trojan that attacks mobile channels. Cyber thieves have created this Trojan in a way that first attacks a victims PC and then moves into their mobile phone when the user enters the one-time passcode generated for two-factor authentication. As Darrell Burkey discussed in an interview, the most concerning thing about this Trojan is the way it was engineered. It was created specifically to attack a certain type of authentication that many banking institutions are now using. This type of mal-technology could attack any type of institution and cause a threat to standard authentication measures. Over $47 million US dollars worth of Euros have already been stolen from this lone Trojan. And just because this threat was created in Europe, does not mean it is contained to only attacking users over seas. The attacks originated in Italy and then quickly spread through out neighboring countries, targeting Android and Blackberry deceives.

Banks and other institutions, which do not use two-factor authentication, should still heed this warning. Perhaps the most frightening thing about this new development is not just the attacks themselves, but the overlaying concept clearly illustrating that cyber thieves are adapting. Standard and traditional authentication measures will no longer be enough to protect against identity theft. Companies must learn to fight fire with fire and adopt fraud prevention measures that cant be outsmarted by cyber thieves and identity thieves. Just as companies have adjusted in the past, it is time that businesses rethink their fraud prevention strategy. Fraud prevention is not a one-size-fits-all solution and requires revising and reconstruction. Companies that have not rethought their fraud prevention in the last few years, even months, may need to find a new identity authentication solutions as technology advances. The key is to be three steps ahead of your competition and cyber thieves to prevent and protect against identity theft.

[Contributed by EVS Marketing]