HitmanPro.Alert is a free tool that checks the browser integrity and alerts users when secure online banking and shopping is no longer guaranteed.
(Click here for the BETA version of HitmanPro.Alert 2.5 with CryptoGuard)
It is a known fact that the internet is a hotbed of online crime. When you bank and shop online or remotely connect to your office, you (and the companies you do business with) become a prime target for online fraud. Increasingly, cybercriminals' primary attack vector are the vulnerabilities in your browser, plug-ins and operating system which allows them to silently infect your computer, using popular compromised websites and advertisement servers as staging ground.
When you connect to a e-commerce site, such as a bank or bookseller, your web browser encrypts the communication so it can securely exchange transactions between your computer and the website.
However, the transaction data exists in plain readable format in your web browser.
This plain information can be compromised and manipulated by financial malware to e.g. steal your account and banking credentials or change your transaction details,
just before it is encrypted and securely sent to your bank.
These banking Trojans are very difficult to detect, even with up-to-date antivirus software. This is because the attackers use custom-engineered binary obfuscation (polymorphism), cloaking and other armoring techniques to evade detection the first few days. To maximize the effectiveness of their campaign they test each specially crafted malware sample against antivirus products.
Many renowned security companies acknowledge the low detection rate of banking Trojans. During the first 24 hours the average detection rate of new variants of financial malware, like Zeus, SpyEye and Sinowal, is very low. But cybercriminals only need a few hours to infect tens of thousands of computers and successfully steal money from hundreds of victims. Reports show a loss of millions of euros in 2011, with an average loss of 4,400 euro per victim. In many cases victims have to wait months before they are compensated by their banks. It is only a matter of time when compensation is no longer obvious if you haven’t followed the necessary protection procedures.
Nearly all banking Trojans hook into the core operating system and relay critical system functions to position themselves between Windows and the web browser.
This enables them to steal information and manipulate your online transactions.
HitmanPro.Alert will instantly detect over 99% of all known and new banking Trojans. It automatically informs users when critical system functions are diverted to untrusted programs. It effectively reveals the presence of any so called Man-in-the-Browser malware and offers the user to automatically download and scan their computer with HitmanPro anti-malware to immediately remove the security threat.
Most modern malware, including banking Trojans, use tricks to thwart malware research by avoiding debugging and automated analysis systems that can reveal its purpose. The vaccination feature in HitmanPro.Alert 2 makes easy use of the malware’s own tricks. It makes malware belief it is running in an unwanted research environment, automatically causing most sandbox-aware malware to disable itself.