Like Swiss Emmental cheese, online banking protections may be full of holes. Banks have been trying to prevent cyber crooks from accessing their customers’ online accounts for ages. They have, in fact, invented all sorts of methods to allow their customers to safely bank online. This research describes an ongoing attack we have dubbed “Emmental” that targets a number of countries worldwide. The attack is designed to bypass a certain two-factor authentication scheme used by banks. In particular, it bypasses session tokens, which are frequently sent to users’ mobile devices via Short Message Service (SMS). Users are expected to enter a session token to activate banking sessions so they can authenticate their identities. Since this token is sent through a separate channel, this method is generally considered secure.
However, this criminal gang has managed to create a complex system to defeat this protection.
SPEAKER: David Sancho