Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Most useful free security tool


  • Please log in to reply
No replies to this topic

#1 LazyPotato

LazyPotato

  • Banned
  • 287 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:04 AM

Posted 05 September 2013 - 08:08 AM

Hello guys.

 

While lurking around for security tools -- I found a precious pearl -- It's called HMP alert,it'll watch your browser for banking trojan,tricking Zeus and other trojans like it think that they're in a VM and they'll automatically exit,even if they do not (or do) -- It will still alert the user about persistence of banking Trojan and warn the user to not enter any personal information or log into any account

 

Description from SurfRight

Link for HMP.Alert (as requested by Queen-Evie)

HitmanPro.Alert is a free tool that checks the browser integrity and alerts users when secure online banking and shopping is no longer guaranteed.

It is a known fact that the internet is a hotbed of online crime. When you bank and shop online or remotely connect to your office, you (and the companies you do business with) become a prime target for online fraud. Increasingly, cybercriminals' primary attack vector are the vulnerabilities in your browser, plug-ins and operating system which allows them to silently infect your computer, using popular compromised websites and advertisement servers as staging ground.

Background

When you connect to a e-commerce site, such as a bank or bookseller, your web browser encrypts the communication so it can securely exchange transactions between your computer and the website. However, the transaction data exists in plain readable format in your web browser. This plain information can be compromised and manipulated by financial malware to e.g. steal your account and banking credentials or change your transaction details, just before it is encrypted and securely sent to your bank.

These banking Trojans are very difficult to detect, even with up-to-date antivirus software. This is because the attackers use custom-engineered binary obfuscation (polymorphism), cloaking and other armoring techniques to evade detection the first few days. To maximize the effectiveness of their campaign they test each specially crafted malware sample against antivirus products.

Many renowned security companies acknowledge the low detection rate of banking Trojans. During the first 24 hours the average detection rate of new variants of financial malware, like Zeus, SpyEye and Sinowal, is very low. But cybercriminals only need a few hours to infect tens of thousands of computers and successfully steal money from hundreds of victims. Reports show a loss of millions of euros in 2011, with an average loss of 4,400 euro per victim. In many cases victims have to wait months before they are compensated by their banks. It is only a matter of time when compensation is no longer obvious if you haven’t followed the necessary protection procedures.

How to protect yourself

Nearly all banking Trojans hook into the core operating system and relay critical system functions to position themselves between Windows and the web browser. This enables them to steal information and manipulate your online transactions.

HitmanPro.Alert will instantly detect over 99% of all known and new banking Trojans. It automatically informs users when critical system functions are diverted to untrusted programs. It effectively reveals the presence of any so called Man-in-the-Browser malware and offers the user to automatically download and scan their computer with HitmanPro anti-malware to immediately remove the security threat.

Vaccination

Most modern malware, including banking Trojans, use tricks to thwart malware research by avoiding debugging and automated analysis systems that can reveal its purpose. The vaccination feature in HitmanPro.Alert 2 makes easy use of the malware’s own tricks. It makes malware believe it is running in an unwanted research environment, automatically causing most sandbox-aware malware to disable itself.

HitmanPro.Alert Features
  • Alerts the user when critical functions of the browser are compromised by known and new banking Trojans, like:
    • Zeus
    • SpyEye
    • Sinowal (aka Mebroot and Torpig)
    • Ice-IX
    • Citadel
    • Cridex
    • Carberp
    • Shylock
    • Tinba
    • and many others...
  • Passively vaccinates the computer to make sandbox-aware malware belief it is attacking an automated analysis system, causing the malware the disable itself.
  • Supports all popular web browsers: Internet Explorer, Chrome, Firefox, Opera, Maxthon, Comodo Dragon, Pale Moon, Tor Browser, Avant Browser, Baidu Spark Browser, SRWare Iron and Yandex Browser.
  • Future proof technology does not rely on malware signatures.
  • Compatible with all antivirus programs and runs alongside any other security software.
  • Supported on 32-bit and 64-bit versions of Windows 8, Windows 7, Windows Vista, Windows XP, Windows Server 2012, Windows Server 2008 and Windows Server 2003.

Screenshots

alert-welcome.png

alert-settings.png

 

alert-flyout.png

Here comes the best part

alert-intruder_alert.png

Download


Edited by LazyPotato, 06 September 2013 - 12:54 AM.
Moved topic from Tips and Tricks. ~bloopie


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users