New Ursnif variants silently targets banks and employ redirection attacks
This article talks about the following: The recent attacks on Australian banks has alarmed consumers and this has been attributed to New Ursnif that is using redirection attacks and malicious TLS callback techniques to achieve process injection. It does it by establishing a genuine connection with the bank as if it’s a legitimate connection and then gradually use web injections to steal the login credentials.
It will be interesting to see how things unfold in the future. While banks in Australia are known to be highly sophisticated in their cyber systems, such threats have sparked a new debate. How can banks even know about new types of threats that are coming in? If legitimacy is what attackers are playing with, how can bank employees be trained of new ways of threat and denying any service to packets from such systems?