Secure Banking - a little german Software

[fredvries]

Actually, I'm a bit amazed that Secure Banking already is considered worthy of a test with these other well-known programs.

And the independent results show that it is the best program of the lot.

[SLE]

Quote:

Originally Posted by SecureBanking

No AV company, beside GData (with its bankguard -> costs 20€ and does not support chrome), offers the same protection against such banking trojans.

Wrong. There are quite a few products out there with BB and HIPS additions that warn you about code intrusion, process manipulation etc.

[SecureBanking]

Quote:

Originally Posted by SLE

Wrong. There are quite a few products out there with BB and HIPS additions that warn you about code intrusion, process manipulation etc.

Well I never saw something similar. All this HIPS are scanning all processes for malicious behavior, like you said code injection etc.
But Secure Banking operates completely different.
It checks the webbrowser for MitB attacks and so it can detect all kind of banking trojans.
With this technology it can in contrast to HIPS/behaviour scanner conclude the name of the malware. HIPS/behaviour guards are not able to do that.

For example a trojan can bypass such HIPS/behaviour guards if they are heavily obfuscated and has alot of dummy code in it, but Secure Banking detects them because in the end it performs a MitB attack.
On the other side of course, Secure Banking cannot detect malware which is not attacking the webbrowser, but HIPS/behaviour guards can.

So you cannot compare this tools. In my opinion both tools complete each other.

[SLE]

Quote:

Originally Posted by SecureBanking

It checks the webbrowser for MitB attacks and so it can detect all kind of banking trojans. With this technology it can in contrast to HIPS/behaviour scanner conclude the name of the malware. HIPS/behaviour guards are not able to do that.

No, beside the name thing which sometimes may be interesting you must see how trojans can get into the browser. And good HIPS solutions warn about process changes and manipulations,no matter how much dummy code the trojan contains. So IMO your tool is a nice addition to traditional signature based solutions. And I never wanted it to compare to HIPS/BB solutions, cause they usually contain a lot more.

btw.: How can you decline that it will detect "all kind of banking trojans"? I believe it can only detect that ones, that use the known (cause used in the pased) entry points your tool watches.

Beside that all: There are many other ways to attack online banking than MitB attacks. Thats why the name of your tool is confusing and suggesting a wrong feeling of secureness. It's more a sort of browser protection.

[kareldjag]

just to complete SLE statements with a few examples.
Browser protection is not new, a few years ago i have talked on my blog about some products like browser sentinel (http://www.browsersentinel.com/ ) spywall (http://www.trlokom.com/product/spywall.php ) and mostly trusdefender ( http://www1.trustdefender.com/ ).
TrustDefender has been acquired by ThreatMetrix and is now a SaaS.
And i do not mention Firefox IDS and other tools.

*your product target is not new, and nothing new under the sun.

The new generation of security suite already takes into consideration MitB based malwares.
an example with Bullguard http://www.bullguard.com/bullguard-s...e-browser.aspx
If there is many Security as a Service solutions designed for banks and merchants (i do not list them, as i do not want to see Secure-banking appeared as a ridiculous solution), there is a few other specialized products that try to mitigate risks during the transaction
As examples SafeTok https://www.safetok.com/solutions/anti-phishing.html
Antlabs Securite http://www.securitelive.com/

*Secure-banking is not the only online banking/shopping focused security product on the market (and how it works hooking monitoring, malware fingerprint, heuristic and other protection design does not really matter).

*I do not see what kind of advantages secure banking provides in comparison to well established HIPS like Sandboxie, Defense Wall, Online Armor and co.
As most of them are able to prevent most rootkit/trojan infections...
Does Secure Banking protects against XSS keylogguer, web/java script worm, keyboard sniffing, SSL MitM, cerificate spoofing....
With no doubt NO.
Some suite includes hardened browsers, and the user has the possibility for instance to surf with a cloud browser condom like Spoon for instance
https://spoon.net/browsers/
There is many ways to mitigate risks, without any secure banking solution...

Well...checked this soft for 10 mn on the train, and i have noticed its weak implementation on the system...poor self-protection and other weaknesses.
Anyway it needs of course to grown up, and additional routines on the table draw...

Auf Wiedersen

[TomAZ]

What does it mean if everything in Secure Banking seems to be functioning properly, but there is no balloon notification for the system tray icon when launching the browser? Is the balloon supposed to pop-up with every new use of the browser?

[CloneRanger]

@ kareldjag

I had forgotten about Spywall http://www.trlokom.com/product/spywall.php so Thanks for the memories Good to see they are still there !

SafeTok https://www.safetok.com/solutions/anti-phishing.html looks interesting, have you tested it ? If so ? & have you got a link to the results ?

I noticed they say to email them for more info, wonder why ? & no download link to trial it, but their other stuff we can ?

I was surprised they are in England !

[Dark Star 72]

Quote:

Originally Posted by CloneRanger

@ kareldjag
I noticed they say to email them for more info, wonder why ? & no download link to trial it, but their other stuff we can ?

Found the D/L link under downloads, 30 day trial

https://www.safetok.com/download/download.html

[fredvries]

It's a 30 day trial. Afterwards you have to buy it for £ 35.94/year.

Which means it's not free like Secure Banking is.

[lordraiden]

Quote:

Originally Posted by SLE

No, beside the name thing which sometimes may be interesting you must see how trojans can get into the browser. And good HIPS solutions warn about process changes and manipulations,no matter how much dummy code the trojan contains. So IMO your tool is a nice addition to traditional signature based solutions. And I never wanted it to compare to HIPS/BB solutions, cause they usually contain a lot more.

btw.: How can you decline that it will detect "all kind of banking trojans"? I believe it can only detect that ones, that use the known (cause used in the pased) entry points your tool watches.

Beside that all: There are many other ways to attack online banking than MitB attacks. Thats why the name of your tool is confusing and suggesting a wrong feeling of secureness. It's more a sort of browser protection.

The new banking malware (or the malware specifically oriented to banks) always works with MitB attacks, right?
All the famous and successful banking malware uses MitB: https://www.owasp.org/index.php/OWAS...Knowledge_Base

A keylogger screen logguer could read your bank account (but most of the banks mitigate this with virtual keyboards, or entering a partial password, or with confirmation via sms) anyway this kind of malware is not oriented to banking.

The difference btw Secure Banking and a HIPS is that Secure Baking blocks directly the banking malware and an HIPS will so you a popup that you may consider it trusted.

As far as I read from the MRG banking malware tests, all of them make a general use (more or less) of MitB, so even if is a new baking malware some products are able to block it directly. Like happend in the MRG tests with Zemana and Trusteer rapport using a private testing tool able to reproduce a MitB attack that couldn't be in any database of any program.

[SecureBanking]

Well, no anti-virus solution is completely perfect on its own. (Example: Bypassing Comodo Internet Security HIPS)

I know, everything can be bypassed, also Secure Banking.

Also I cannot see the similarity between browsersentinel and Secure Banking.

And don't forget it is free!

Edit: As lordraiden said, 99% of malware which is targeted on online-banking fraud are using MitB attacks. Secure Banking is focused on such trojans and is free and a lightweight.

[lordraiden]

Quote:

Originally Posted by SecureBanking

Well, no anti-virus solution is completely perfect on its own. (Example: Bypassing Comodo Internet Security HIPS)

I know, everything can be bypassed, also Secure Banking.

Also I cannot see the similarity between browsersentinel and Secure Banking.

And don't forget it is free!

Edit: As lordraiden said, 99% of malware which is targeted on online-banking fraud are using MitB attacks. Secure Banking is focused on such trojans and is free and a lightweight.

To improve your program, I mean to avoid to kill easily Secure Banking you can use some of the tools of the matousec pack to test it. It has a lot of tools that you can use to try to kill, crash... Secure Banking.

64bit: http://www.matousec.com/projects/sec...ting-suite-64/
32bit: http://www.matousec.com/projects/sec...testing-suite/

[TaranScorp]

Ok, will the Opera browser ever be supported?
Don't want to get excited for nothing

[SecureBanking]

Well, the threats aren't very big for Opera (Source), but if I get malware in my hands, which is attacking it, I'll definitely think about it.

[TomAZ]

@Secure Banking. Could you please respond to this...

What does it mean if everything in Secure Banking seems to be functioning properly, but there is no balloon notification for the system tray icon when launching the browser? Is the balloon supposed to pop-up with every new use of the browser -- every time the browser is opened?

I seem to only get the balloon the first time I open my browser, but then not again after that unless I restart or reboot.

[kareldjag]

Hi
My posts on this board are only motivated by performing my english without the need of any dictionnary, and to guive an independent (no software to promote) and neutral opinion.
If there is many security enthusiasts here, it is sometimes necessary to introduce a few "strudlle" of scepticism...
Banking is a process, and then this process is only secure if all possible insecurity holes for each side is circumsribed with reliability and efficiency.
This never happens in theory, but often in practise and in a statistically point of view.
Unfortunatelly, most softs only try to keep the host side immune from threats vectors (malware, keyloggers etc).
But various other factors need to be reliable: sockets, certificate authaurity, bank web site, data protection and authentication factors, DNS servers etc...
That s why a subscription to a Security as a Service providers appears more interesting for the average user.
As an example i can mention for UK users SafeCentral
http://lifestore.aol.co.uk/category/...ukstor00000067
Info here http://www.safecentral.com/banking-user.html

Of course taking time to provide a free security soft for users is a respected attitude, and a pro, paid and enhanced version would not be scandalous at all.
In this case some improvement are needed...especially if we consider that any script kiddy can try to bypass most popular products with the help of the underground economy (attached image).
I have no respect for plagiarists like Matousec, as they have hiacked the FREE work and methodology that some guys have done years and years before (gkweb, kareldjag, André Kolishchak and some others)...

Rgds

[TaranScorp]

SecureBanking,
Thanks for considering Opera.
Do you think Secure Banking would compliment Webroot's SecureAnywhere and Emsisofts Online Armor's Banking Mode?

[CloneRanger]

@ Dark Star 72

In order not to hijack this thread, i've started a new one.

@ fredvries

Correct

[lordraiden]

Quote:

Originally Posted by SecureBanking

Well, the threats aren't very big for Opera (Source), but if I get malware in my hands, which is attacking it, I'll definitely think about it.

According to that link Chrome is less targeted than Opera but Secure Banking is compatible with Opera... I don't understand it.

[SecureBanking]

Quote:

Originally Posted by TomAZ

I seem to only get the balloon the first time I open my browser, but then not again after that unless I restart or reboot.

That sounds strange.
How often you get this balloon tips depends on your webbrowser.
For example Firefox just creates one process for the whole surfing-session. So you just get one balloon tip. If you close your webbrowser and start it again, you should get another balloon tip.

In contrast to Firefox, IE and Chrome are creating new processes each time you open a new tab. So a new process means -> a new balloon tip.

Quote:

Originally Posted by TaranScorp

Do you think Secure Banking would compliment Webroot's SecureAnywhere and Emsisofts Online Armor's Banking Mode?

What do you exactly mean with compliment?

Quote:

Originally Posted by lordraiden

According to that link Chrome is less targeted than Opera but Secure Banking is compatible with Opera... I don't understand it.

Thats true, (lets say they're both same up) but Chrome has 10x more users as Opera.

[TomAZ]

When can we expect the English version?

[fredvries]

@TomAZ

The next version will be bilingual (German and English). It is not exactly known when that version will be released because the coder is very busy with his studies at university.

[newbino]

@SecureBanking

Firstly, welcome to Wilders and thanks for your efforts with this freeware. I look forward seeing it developed further.

Please also consider adding Waterfox, a Firefox 64-bit specific variant, to your list of protected browsers.

[TomAZ]

Is SecureBanking still effective when the browser is running under Sandboxie?

[SecureBanking]

Quote:

Originally Posted by TomAZ

Is SecureBanking still effective when the browser is running under Sandboxie?

Yes, it is.

Quote:

Please also consider adding Waterfox, a Firefox 64-bit specific variant, to your list of protected browsers.

Thanks, I'll keep an eye on it.