19 March 19, 07:04
(This post was last modified: 25 March 19, 09:00 by harlan4096.)
Quote:Continue Reading
Test of software for online banking protection
This is our next test from the series of comprehensive tests of various types of products for protection of computers and workstations. In February 2019, we tested dozens of solutions to protect the Windows 10 operating system, paying particular attention to the possibility of blocking malicious software and resisting attacks that are aimed at operations on online banking accounts. Less than half of the tested software has so-called special components for protection of online payments which have various names such as “Safe Money”, “Banking Mode”, or “Banking Protection”. Most of these modules are directly integrated with security suites, and thus can’t be used as separate software. These components add another layer of security, useful in situations when there is a need for confidential data protection while using online banking. We assume that a user has probably installed an antivirus product, so he entrusts the security of his finances to the developer who doesn’t necessarily provide to software dedicated and specialized modules for the protection of online purchases. Therefore, we decided to check which of the most popular solutions guarantee an unrivaled level of security, regardless of whether they have such technologies. The test was designed to simulate over a dozen different scenarios of attacks that had focused on theft of important data entered into a browser or data stored in Windows 10 with a security suite installed.
Step by step procedure
All solutions have been tested on default settings, however, it’s often the case that key protection components are disabled, such as anti-keylogger or anti-ARP poisoning. Probably there will never exist an application that will fully cover and secure all attack vectors, therefore education and effective use of appropriate software is very important. For this reason, all products have been tested on modified settings for the second time. We have enabled some features, changed a protection level to more aggressive or run so-called banking mode to check if modifications in settings have an impact on attacks detection and unknown malware blocking. It’s also a hint for developers who should consider the introduction of additional protection against popular attacks. They should also consider enabling features that aren’t activated by default.
Most of the malicious scripts used in the test were written in the Python programming language and compiled into EXE executable files using the PyInstaller tool. We have used the Bettercap 2+ tool for the man-in-the-middle attacks. The reader can treat samples from the test (on the day of testing) as completely undetectable for antivirus software. Malicious software has been sent to developers and should already be detected.
Full PDF Report