Banks admit new trojan threat to internet banking
Relevant offers
New Zealand banks say they are vulnerable to attacks from a sophisticated new trojan capable of thwarting two-factor authentication.
Two-factor authentication is the use of two methods of verification to confirm a customer's identity.
This usually involves the customer providing a password and then a unique, single-use code supplied to them via their cellphone or a security token.
Security software company Symantec has issued a warning about the Trojan.Silentbanker, which has so far attacked more than 400 banks worldwide.
Security response manager John McDonald says the "man-in-the-middle" trojan is potentially very serious.
"It gets itself between a person's computer and their bank and while they're doing their bank transactions, it can potentially divert money."
He says the trojan bypasses two-factor authentication. "It gets on the computer and intercepts the information before it gets to the bank."
He says so far no banks with a ".co.nz" domain name are on the list of those targeted.
People can protect themselves by running up-to-date anti-virus software.
"If you're not running up-to-date anti-virus software that catches it, you won't know you've got it," says Mr McDonald.
Banks say they are aware of the trojan but to their knowledge, no customers have been affected by it.
Westpac head of e-business Stu Woollett says it is possible that Westpac customers are vulnerable to the trojan but the bank's monitoring of online activity and transactions should pick up any fraudulent activity.
"Banks that have second-factor solutions need to be thinking about how they're managing this, but it doesn't drive re-evaluation of our model."
Westpac's online guarantee promises to reimburse customers for any losses they suffer through Internet banking fraud.
Kiwibank spokesman Bruce Thompson says every bank is vulnerable to the trojan. He says sophisticated and evolving threats to security mean there is no specific solution, and Kiwibank is continually upgrading protection software.
Bank of New Zealand general manager of strategy and marketing Blair Vernon says BNZ's two-factor authentication system, NetGuard, and transaction-monitoring software make it a hard target.
- © Fairfax NZ News
Sponsored links
Google algorithm measures funny
Second Megaupload co-accused bailed
Review: Kingdoms of Amalur: Reckoning
Protests erupt across Europe against ACTA
Review: Sony HMZ-T1 Personal 3D Viewer
Career destroyed over battle of the planets
NZ police access Facebook evidence
Facebook can alienate people further - study
Brazil files injunction against Twitter
Review: Catherine for Xbox 360
Top selling games in New Zealand
One dead after SH1 crash near Wellington
Driver charged over Allan Hubbard crash
Police find woman's body in Manawatu
Adele's the big winner at Grammys
Proteas expect fiery series against Black Caps
Boxer Richard Tutaki enters guilty plea
Toxic soil fears five years before residents told
Pat Lam still mum on Piri Weepu's Blues role
Qantas grounding 'good for brand'
Seriously ill man found on beach
NZ's best farm land 'already sold off'
Dotcom accused van der Kolk 'flabbergasted'
One dead after SH1 crash near Wellington
Adele's the big winner at Grammys
Body found in Sydney tree identified
Police find woman's body in Manawatu
Woman crushed, friend watched 'helplessly'
Houston died in bathtub - coroner
