{"id":10338,"date":"2013-06-04T21:21:14","date_gmt":"2013-06-05T02:21:14","guid":{"rendered":"http:\/\/bucktownbell.com\/?p=10338"},"modified":"2013-06-04T21:21:14","modified_gmt":"2013-06-05T02:21:14","slug":"under-the-hood-banking-malware","status":"publish","type":"post","link":"http:\/\/bucktownbell.com\/?p=10338","title":{"rendered":"Under the Hood: Banking Malware"},"content":{"rendered":"<blockquote><p>After 48 hours (and two all-nighters in a row) I logged onto the (now really REALLY) infected computer, complete with shiny new malware updates. I surfed to Bank of America\u2019s web page, and found what I was looking for\u2013 a Man-In-The-Browser attack in action!<\/p><\/blockquote>\n<p>via <a href=\"http:\/\/lmgsecurity.com\/blog\/2013\/05\/26\/videos-of-blackhole-man-in-the-browser-attack#traffic\">Under the Hood: Banking Malware \u00bb LMG Security Blog<\/a>.<\/p>\n<blockquote><p>We cover malware network forensics, web proxies and flow analysis during Days 3-4 of the <a href=\"http:\/\/lmgsecurity.com\/edu-nf-class.html\">Network Forensics class<\/a>. We\u2019ll be teaching next at <a href=\"http:\/\/www.blackhat.com\/us-13\/training\/network-forensics-black-hat-release.html\"><span style=\"text-decoration: underline;\">Black Hat USA, July 27-30<\/span><\/a>. Seats are limited, so sign up soon!<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>After 48 hours (and two all-nighters in a row) I logged onto the (now really REALLY) infected computer, complete with shiny new malware updates. I surfed to Bank of America\u2019s web page, and found what I was looking for\u2013 a &hellip; <a href=\"http:\/\/bucktownbell.com\/?p=10338\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17],"tags":[456,347,698],"class_list":["post-10338","post","type-post","status-publish","format-standard","hentry","category-technical","tag-forensics","tag-malware","tag-security-research"],"_links":{"self":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/10338","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=10338"}],"version-history":[{"count":1,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/10338\/revisions"}],"predecessor-version":[{"id":10340,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/10338\/revisions\/10340"}],"wp:attachment":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=10338"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=10338"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=10338"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}