Carberp Beating Two Factor Authentication

Posted on

  • email
  • twitter
  • facebook
  • share this

share this


TrustDefender Labs has released an analysis into how the new Trojan Carberp infiltrates websites and highlights the impressive JavaScript injection code used.

Those behind Carberp spent time not just on the configuration file, but also making sure they have a method in place to compromise two factor authentication schemes. The Trojan uses heaviliy dynamic JavaScript hosted on a valid HTTPS website.

Andreas Baumhof, CTO of TrustDefender comments, “The evolution of Trojans such as Carberp highlights how Trojans use complex behaviour to employ intelligent guises and commit fraudulent activity. Financial institutions and enterprises need to provide appropriate security, beyond traditional AV software to reduce the risks of fraudulent activity.”


Custom WordPress Design Themes at Get the most designs for your buck when you start a design project!

Login To Comment

forget your login information?

Become a Member

Not already a part of our community? Sign up to participate in the discussion. It’s free and quick.

Sign Up

Be the first to comment on this article


999 E Touhy Ave
Des Plaines, IL 60018

Toll Free: 1.800.817.1518
International: 1.773.628.2779
Fax: 1.773.272.0920