August 23, 2012

Kaspersky Lab Unveils “Safe Money”

Peter Suciu for — Your Universe Online

Career criminal Willie Sutton never actually said that he robbed banks “because that´s where the money is,” and he actually said, “Why did I rob banks? Because I enjoyed it. I loved it.” Today´s cyber-criminals don´t create banking malware because they love it; they do it because the malware is aimed at banks and “that´s where the money is.”

This week Internet security firm Kaspersky Lab introduced new version of the Kaspersky Internet Security and Kaspersky Anti-Virus to ensure that the money in the bank is truly as safe as “money in the bank.” The firm reported on Thursday that it research suggests that more than 1,400 news pieces of banking malware are created — each day!

At the same time more than $1.2 trillion will be exchanged over the Internet in 2012, and thus thieves will see this as a potentially juicy target.

To ensure that money is safe Kaspersky has added a new feature, an exploit blocking engine called Automatic Exploit Prevention, which is designed as a response to the increase in the number of phishing attacks. This includes an anti-phishing engine that is quite similar to the antivirus and anti-malware engines and more importantly updates daily to ensure that cyber-criminals can´t get a jump on weekly updates.

But is this really necessary? It could be as going to the bank seems to be the course of action for thieves as much as those looking to save for a rainy day.

CNET reported that recent successful banking breaches can result in very big scores, ranging from $3 million to more than $220 million. This is made worse as U.S. banks generally have lowers standards of security than European institutions.

The Automatic Exploit Prevention reportedly can block most devious exploits, and it reportedly can block the BlackHole exploit 100 percent of the time, and 95 percent of all phishing exploits. In addition the software is designed to block Duqu and other malware hacks that look to install on a computer before the antivirus program loads during a boot.

The Safe Money functionality is also an update to ensure protection with online transactions. It automatically activates when visiting common payment services such as PayPal or banking sites; it isolates payment operations in a special web browser to ensure that transactions are not monitored; verifies the authenticity of banking or payment sites; evaluates the security status of the user´s computer and warns about existing threats; and finally provides an onscreen “virtual keyboard” for entering of credit card or payment with mouse-clicks to prevent malware from logging any keystrokes.

Kaspersky apparently believes that the software is up to the task, and in July had the Safe Money technology evaluated against 15 real-world attack styles used by malware to steal banking information. This included testing by independent research lab Matousec. Kaspersky reported that its software suite successfully blocked all 15 banking tasks.

The new software also is designed for general browsing as well, and features an antivirus engine with better detection rates, new anti-phishing technology to detect imposter websites designed to steal passwords and other data, and a simplified interface with faster installation and easier day-to-day use. The performance has been improved to ensure that computers aren´t slowed down by the very software meant to provide protection, while power consumption has been addressed to also ensure that battery life isn´t compromises either.

The only question is whether this is enough that you can take Kaspersky´s promise to the bank.