Mobile Viruses in Man-in-the-Mobile vs Multi-Factor Authentication

Smartphones are drawing attackers' attention, especially for monetary gain. Viruses now target mobile platforms in order to compromise multi-factor authentication; Zeus is one of them.

We imagine a rough scenario of how a mobile virus can compromise the multi-factor authentication that the banking industry currently uses and assumes to be foolproof.
  1. USER logs in to a FAKE BANKING SITE reached through a PHISHING attack
  2. FAKE BANKING SITE asks USER to enter the ONE-TIME Device Token and uses it to log in to the ACTUAL Banking Site
  3. LOGIN SUCCESSFUL
  4. FAKE BANKING SITE adds a new Payee
  5. ACTUAL Banking Site asks for a ONE-TIME Device Token
  6. FAKE BANKING SITE shows USER an UNSUCCESSFUL Login and asks USER to enter the ONE-TIME Device Token again to log in to the ACTUAL Banking Site
  7. FAKE BANKING SITE submits the ONE-TIME Device Token to the ACTUAL Banking Site
  8. ACTUAL Banking Site sends a ONE-TIME Authentication Token to USER's Mobile
  9. FAKE BANKING SITE asks the ZEUS VIRUS to silently submit the Token received by SMS to the ACTUAL Banking Site
  10. FAKE BANKING SITE submits the ONE-TIME Authentication Token to the ACTUAL Banking Site
  11. ADDING PAYEE SUCCESSFUL
  12. FAKE BANKING SITE transfers USER's Money to the New Payee
  13. ACTUAL Banking Site asks for a ONE-TIME Device Token
  14. FAKE BANKING SITE shows USER an UNSUCCESSFUL Login and asks USER to enter the ONE-TIME Device Token again to log in to the ACTUAL Banking Site
  15. FAKE BANKING SITE submits the ONE-TIME Device Token to the ACTUAL Banking Site
  16. ACTUAL Banking Site sends a ONE-TIME Authentication Token to USER's Mobile
  17. FAKE BANKING SITE asks the ZEUS VIRUS to silently submit the Token received by SMS to the ACTUAL Banking Site
  18. FAKE BANKING SITE submits the ONE-TIME Authentication Token to the ACTUAL Banking Site
  19. MONEY TRANSFER SUCCESSFUL
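The scenario leaves a trace on the bank's side that the phishing site cannot hide: each SMS token is answered within a second or two (a trojan relays it, a person would need far longer), and the session goes login, add payee, transfer to that same payee in under a minute. The following is an added example, not code from this post or from any bank's fraud system, that scores a session's audit events for those two signals. The event format, field names, timestamps and thresholds are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed bank-side audit events for the post's scenario: login, add payee,
# transfer, each confirmed with an SMS one-time token that is answered within
# a second or two of being sent. Event names and fields are assumptions.
SUSPICIOUS_LOG = """\
2012-05-01T10:00:00 sess=s1 login
2012-05-01T10:00:01 sess=s1 otp_sent channel=sms
2012-05-01T10:00:03 sess=s1 otp_verified
2012-05-01T10:00:20 sess=s1 add_payee payee=NEWCO
2012-05-01T10:00:21 sess=s1 otp_sent channel=sms
2012-05-01T10:00:22 sess=s1 otp_verified
2012-05-01T10:00:40 sess=s1 transfer payee=NEWCO amount=4900
2012-05-01T10:00:41 sess=s1 otp_sent channel=sms
2012-05-01T10:00:42 sess=s1 otp_verified
"""

# Constructed benign session: transfer to an existing payee, tokens typed in
# by a person tens of seconds after the SMS went out.
BENIGN_LOG = """\
2012-05-01T11:00:00 sess=s2 login
2012-05-01T11:00:01 sess=s2 otp_sent channel=sms
2012-05-01T11:00:35 sess=s2 otp_verified
2012-05-01T11:02:10 sess=s2 transfer payee=LANDLORD amount=800
2012-05-01T11:02:11 sess=s2 otp_sent channel=sms
2012-05-01T11:02:48 sess=s2 otp_verified
"""


def parse_events(text):
    """Parse 'timestamp key=value... kind key=value...' lines into dicts."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, *fields = line.split()
        ev = {"ts": datetime.fromisoformat(ts)}
        for field in fields:
            if "=" in field:
                key, value = field.split("=", 1)
                ev[key] = value
            else:
                ev["kind"] = field
        events.append(ev)
    return events


def score_session(events, fast_otp=timedelta(seconds=5), min_fast=2,
                  payee_window=timedelta(minutes=30)):
    """Return a list of findings for one session's events (empty = nothing odd).

    Two signals from the scenario are checked:
      * several OTP challenges answered faster than a person can read an SMS
        and type the code (a relaying mobile trojan answers in about 1 s);
      * a transfer to a payee that was created moments earlier in the same
        session (add payee -> transfer is the fraud pattern, not normal use).
    """
    findings = []
    fast_count = 0
    otp_sent_at = None
    payee_added_at = {}
    for ev in events:
        kind = ev["kind"]
        if kind == "otp_sent":
            otp_sent_at = ev["ts"]
        elif kind == "otp_verified" and otp_sent_at is not None:
            if ev["ts"] - otp_sent_at <= fast_otp:
                fast_count += 1
            otp_sent_at = None
        elif kind == "add_payee":
            payee_added_at[ev["payee"]] = ev["ts"]
        elif kind == "transfer":
            added = payee_added_at.get(ev["payee"])
            if added is not None and ev["ts"] - added <= payee_window:
                age = int((ev["ts"] - added).total_seconds())
                findings.append(
                    f"transfer of {ev['amount']} to payee {ev['payee']} "
                    f"added {age}s earlier in the same session")
    if fast_count >= min_fast:
        findings.append(
            f"{fast_count} OTP challenges answered within "
            f"{int(fast_otp.total_seconds())}s of the SMS being sent "
            f"(automated relay suspected)")
    return findings


if __name__ == "__main__":
    for name, log in (("suspicious", SUSPICIOUS_LOG), ("benign", BENIGN_LOG)):
        print(name, score_session(parse_events(log)))
```

The point of scoring on the bank's own timing data is that it does not depend on anything the user sees: the phishing page controls the browser and the trojan controls the handset, but neither can make the relayed token arrive at human speed or separate the new-payee step from the transfer that follows it. A real deployment would tune the thresholds against its own traffic and hold or step up such a transfer rather than simply log it.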
