Technical Articles
F5 SMEs share good practice.
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner
Historic F5 Account

Recently several e-banking Trojans (Dyre, Cridex, and Tinba, for instance) have used script injection techniques to modify the original web page. The modification may enable the attacker to perform money transactions using victims’ credentials. This may be perpetrated by a Trojan injecting a malicious JavaScript code to the client’s browser, once the client is connected to the website. The injected code performs different functions, including attempting a money transfer from the client’s account, gaining control on mobile devices, and much more. To maintain the information sent by the Trojans, attackers have developed different types of command and control (C&C) systems that enable them to grab and manage the injected code and its functions these systems are usually PHP-based systems accompanied by a SQL database.

In his research, Elman Reyes, F5 SOC Analyst in the Anti-Fraud team reveal another webinject that was detected by WebSafe and blocked by F5 SOC within just couple of hours.

Please click here to download the full analysis report.

Version history
Last update:
‎12-Dec-2015 12:27
Updated by: