October 20, 2015 -
BioCatch announced that its fraud detection platform is the first solution that can detect RAT-in-the-Browser (RitB) malware in real time.
Hackers are increasingly using Remote Access Trojans (RATs), such as Dyre and Dridex, as their primary method of attack to breach the online banking accounts of unsuspecting individuals.
All of the top malware kits, including Zeus, Dyre, Neverquest and Dridex, feature RAT capabilities, which proves how ubiquitous RitBs attacks are among hackers.
Attackers who deploy RitBs make it more difficult for banks to detect any fraudulent activity, as a session can look completely normal since the device is trusted, there is a known IP address, and there are no signs of automated scripts.
BioCatch’s fraud detection platform analyzes hundreds of user interaction parameters enabling the creation of a specific model that differentiates between users who directly control their device and users that remotely control the device via the Internet.
Each Trojan operator that uses the RitB capabilities also leaves its own unique traces in the fraudulent session.
BioCatch researchers have also discovered a new variant of RitB fraud attacks on online banking called Social RitB, which has its own unique method.
Social RitB uses “social engineering” tactics, such as phone calls, to dupe would-be victims into installing a standard Remote Support Tool, which allows attackers to gain access to private information.
“BioCatch consistently works to stay ahead of the game in combating fraud,” said Oren Kedem, vice president of products at BioCatch. “With each attempted malware attack caught by BioCatch, we are able to derive valuable information that helps us identify and defend against new threats, providing the most sophisticated up-to-date protection for our customers.”
BioCatch is inviting people to register for its RAT WARS Kit, which includes access to exclusive data and special events.
Previously reported, BioCatch was granted two new patents relating to behavioral biometrics, including one for its “Invisible Challenge” hidden tests and another covering biometric authentication for mobile devices.