We thought we would release some detail about our upcoming Browser Security / Financial Malware test.
This “test” is actually going to be an ongoing programme of assessing a cohort of security applications effectiveness in securing Internet Explorer 8 on an XPSP3 system against a combination of bespoke test tools, malware emulators and real, zero day to early life malware.
We are still in the process of securing the funds required to sustain this programme, but, to avoid delay and spark a bit of interest, we will be starting the first tests using our own, custom financial malware emulation tool.
We will repeat the test every 24 hours, each time using the same original build of our tool to assess the security applications ability to detect and counter this threat over time.
We will run the test, just using our emulator for the next week or so, until we have funds to widen the programme to include our other in-house tools (and so cover numerous vectors) and real malware.
The tool we will be using was designed in-house and is not available for use outside our labs.
The tool uses the same techniques employed by real malware to steal users banking data.
Due to the nature of this tool, we have designed it with security measures so we can block it globally, should it ever be stolen.
In this first test, we will use the tool to test security applications ability to:
1) Detect or block the test application on install
2) Prevent the tool from capturing data entered in to an HTTPS site using IE8
3) Prevent the tool from sending captured data out of the system
The security applications we are considering including are:
Internet Security Suites:
AVG Internet Security
Avira Premium Security Suite
BitDefender Internet Security
CA Internet Security
Comodo Internet Security
Eset Smart Security
F-Secure Internet Security
G DATA Internet Security
Kaspersky Internet Security
McAfee Internet Security
Norton Internet Security
Online Armor ++
Outpost Security Suite Pro
PC Tools Internet Security
Trend Micro Internet Security
VIPRE Antivirus Premium
Zone Alarm Security Suite
Dedicated Browser Security / Anti-Logging Applications:
Zone Alarm ForceField
Vendors whose application fails to block the tool and who have a service contract with MRG can contact us after the test to book a remote session in our labs.
As a result of our last browser security test and the fact that internet banking security is such a hot topic, we were contacted by a number of media agencies.
It is our intention to supply the results of this test to our contact at the BBC.
We expect to start the programme on 15 April.