Form grabbing
Form grabbing is a form of
History
The method was invented in 2003 by the developer of a variant of a
Known occurrences
A trojan known as Tinba (
Another known occurrence is the British Airways breach in September 2018. In the British Airways case, the organization's servers appeared to have been compromised directly, with the attackers modifying one of the JavaScript files (Modernizr JavaScript library, version 2.6.2) to include a PII/credit card logging script that would grab the payment information and send it to an attacker-controlled server hosted on the “baways[.]com” domain, with an SSL certificate issued by the “Comodo” Certificate Authority. The British Airways mobile application also loads a webpage built with the same CSS and JavaScript components as the main website, including the malicious script installed by Magecart. Thus, payments made using the British Airways mobile app were also affected.[7]
Countermeasures
Due to the recent increase in keylogging and form grabbing, antivirus companies are adding protection to counter the efforts of keyloggers and prevent the collection of passwords. These efforts have taken different forms, varying between antivirus companies, such as Safepay, password managers, and others.[1] To further counter form grabbing, users' privileges can be limited, which would prevent them from installing Browser Helper Objects (BHOs) and other form grabbing software. Administrators should create a list of malicious servers and add it to their firewalls.[2]
New countermeasures, such as using out-of-band communication to circumvent form grabbers and man-in-the-browser attacks, are also emerging; examples include FormL3SS.[8] Countermeasures that circumvent the threat use a different communication channel to send the sensitive data to the trusted server. Thus, no information is entered on the compromised device. Alternative initiatives such as Fidelius use added hardware to protect the input/output to the compromised, or believed compromised, device.
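
The British Airways case above turned on a first-party JavaScript file being changed on the server. As an added example (not part of the original article), the Node.js code below compares a served script's SHA-384 digest with a recorded baseline and lists URL hosts in the script that fall outside an allowlist; the file name, hosts and script bodies are constructed placeholders.

```javascript
// Added example: audit a served script against a known-good baseline.
const { createHash } = require("node:crypto");

// SRI-style digest ("sha384-<base64>") of a script body.
function sriDigest(body) {
  return "sha384-" + createHash("sha384").update(body, "utf8").digest("base64");
}

// Hostnames of every URL-like literal ("//host.tld...") found in the script,
// which covers http(s), ws(s) and protocol-relative references.
function referencedHosts(body) {
  const hosts = new Set();
  for (const m of body.matchAll(/\/\/([a-z0-9-]+(?:\.[a-z0-9-]+)+)/gi)) {
    hosts.add(m[1].toLowerCase());
  }
  return [...hosts].sort();
}

// A host is allowed only if it equals an allowlisted domain or is a true
// subdomain of it; a lookalike such as "shop-pay.example" does not qualify.
function isAllowed(host, allowedHosts) {
  return allowedHosts.some((a) => host === a || host.endsWith("." + a));
}

// Compare one served script with its baseline digest and the host allowlist.
// A script with no baseline entry is reported as modified.
function auditScript(name, body, baseline, allowedHosts) {
  const digest = sriDigest(body);
  return {
    name,
    digest,
    modified: baseline[name] !== digest,
    unexpectedHosts: referencedHosts(body).filter(
      (h) => !isAllowed(h, allowedHosts)
    ),
  };
}

// Constructed sample data: a stand-in library body and a copy with one
// appended line that references a host outside the allowlist.
const CLEAN =
  '/* lib 1.0 */ window.lib = { asset: "https://static.shop.example/a.png" };\n';
const TAMPERED = CLEAN + 'var endpoint = "https://shop-pay.example/c";\n';
const BASELINE = { "lib.js": sriDigest(CLEAN) }; // recorded at release time
const ALLOWED = ["shop.example"];

console.log(auditScript("lib.js", CLEAN, BASELINE, ALLOWED));
console.log(auditScript("lib.js", TAMPERED, BASELINE, ALLOWED));
```

The digest comparison is the primary signal, because it fires on any change to the file; the host listing only helps triage and will miss hosts that are assembled at run time.
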
See also
- Keystroke logging
- Malware
- Trojan horse
- Web security exploits
- Computer insecurity
- Internet privacy
- Tiny Banker Trojan
References
- "Capturing Online Passwords and Antivirus." Web log post. Business Information Technology Services, 24 July 2013.
- Graham, James, Richard Howard, and Ryan Olson. Cyber Security Essentials. Auerbach Publications, 2011. Print.
- Shevchenko, Sergei. "Downloader.Berbew." Symantec, 13 Feb. 2007.
- Abrams, Lawrence. "CryptoLocker Ransomware Information Guide and FAQ." Bleeping Computer, 20 Dec. 2013.
- "Form Grabbing." Web log post. Rochester Institute of Technology, 10 Sept. 2011.
- Kruse, Peter. "Crimekit for MacOSX Launched." Web log post. Canadian Security Intelligence Service, 02 May 2011. Archived 2014-01-31 at the Wayback Machine.
- Bolat, Jeff. "Cryptograb". Retrieved 26 January 2022.
- ISBN 978-1-891562-63-1.