(site map)


On Windows 7 (or Vista) I use

  unlimited administrator's account (57.95%)

  limited administrator's account (16.46%)

  common user's account (13.65%)

  nothing (I do not use Win 7/Vista) (14.19%)




Online Payments Threats Comparative Testing (2012/07/06 08:38)

We have been asked to design and perform a comparative testing focused on financial malware – i.e. malware created to steal credentials to online payment services. The task was assigned by Kaspersky Lab ZAO in order to test their new Safe Money technology, which is implemented in their upcoming Kaspersky Internet Security 2013. Besides Kaspersky Internet Security 2013 (RTM version) we have included 13 security products from different vendors in this testing. Except for Trusteer Rapport all products were general purpose anti-virus products and Internet security suites. With primary focus to common inexpert users, assuming no or low computer security awareness from the users, all products were tested in their out-of-box configurations.

We have designed 15 tests with ability to steal PayPal and eBay credentials. Each test exploited different attack vector to achieve its goal. The techniques of the tests were inspired by widespread real-life malware including Zeus, Sinowal, Silon, Cidox, SpyEye, Carberp, Yaludle, etc.

A half of the tested products did not prevented a single test to steal the credentials. Only two of the tested products passed all the tests – Kaspersky Internet Security 2013 and Trusteer Rapport.

See the complete report for more information about this testing.