Initial Disclosure Date: July 17, 2014
On July 16, 2014, a Japanese security firm based in Tokyo, SecureBrain Corporation, revealed about updated VAWTRAK or Papras malware which targets 20 Japanese credit card companies. If a user accesses the Internet banking website of those targeted companies with an infected PC, a man-in-the-browser (MITB) attack is launched to insert short codes including script tags in order to change the contents and steal information.
Once a user inputs his or her ID and password in the fake Internet banking website, the information is forwarded to the adversary’s server. The input prompts another window which demands the victim to type his or her credit card number, expiration date, and security code. However, no credit card company requires users to input all of the information in one window. The user should stop typing his or her information immediately and needs to change the ID and password as soon as possible because the information was already sent to the adversary.
The 20 credit card companies are:
Sources:
日立システムズは、システムのコンサルティングから構築、導入、運用、そして保守まで、ITライフサイクルの全領域をカバーした真のワンストップサービスを提供します。