BackSwap Defrauds Online Banking Customers Using Hidden Input Fields
ATT&CK techniques detected
T1059.007JavaScript
75%
“injected javascript analysis in the following analysis, we explain backswap ’ s actual fraud action and the user experience during a transaction session. the main purpose of the approximately 300 lines of javascript code is to create fake input fields that are visible to the vict…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1204.002Malicious File
71%
“simply not open suspicious links or files received by an active spam campaign. backswap hides as a legitimate running application such as 7zip or ollydbg, which are applications not commonly run by typical users. md5 tested : fdc8e751535a4ce457f87e6c747217b8 9265720139aa08e688d43…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
BackSwap demonstrates unique behavior in its manipulation of user input fields and its handling of International Bank Account Numbers (IBANs).