Electronic banking "remote desktop" scams tougher thanks to scientists from NASK
Currently, one of the most popular methods of attacking an electronic banking user is the so-called remote desktop scam. It involves remote access to the customer’s desktop during bank account operations. An effective solution to detect e-banking sessions carried out using a remote desktop application is a dedicated module of the BotSense system called Remote Checker.
Combating remote desktop fraud requires a financial institution to detect operations performed on the mobile and web banking application by remote access software, and then additionally verifying and ultimately blocking transactions if theft is suspected. This is not an easy task, as the utility software used in the attack does not provide mechanisms (e.g. APIs) to confirm an active remote session on the device.
Researchers at NASK have developed an effective solution to detect e-banking sessions carried out using remote desktop control. It is a dedicated module of the BotSense system called Remote Checker. The BotSense system, as a platform for securing the web and mobile channel of electronic banking, currently operates in 12 major Polish banks, a dozen cooperative banks, In its mobile version, it protects several million users of an application provided by a government institution. Its main functionalities include: detection of MiTB attacks, banking Trojans, mobile malware, collection of information about the device belonging to the user, verification of the integrity of this device and the banking application.