New malware program hooks into networking APIs to steal banking data

Very weird, why do these researchers say that this method is new?

It´s actually quite popular and is being used by just about all banking Trojans like Zeus, Carberp etc. Apps like Zemana, SpyShelter, Trusteer (and a few others) all claim they are able to stop these kind of browser hooking trojans.

 

To be honest I'm extremely skeptical of such claims. You can't have your data 100% encrypted, it has to be decrypted somewhere in RAM. You can make the decrypted data harder to access, e.g. through mandatory access control, or at by blocking common payload types like the aforementioned DLL injection. But you can't make the data encrypted everywhere, and you can't make it encrypted where applications won't know how to decrypt it. Encryption is not magic.

Edit: in fact I am going to start a new thread on this.

 

It's rather simple in some cases. You just stop the malware from injecting into browser etc and ur data is safe.

 

Right, but that is wholly different from claiming to "encrypt keystrokes between the keyboard and your applications" or whatever.