ArrayShield, an innovative pattern-based Two Factor Authentication solution, has announced a countermeasure against all advanced malware attacks through its IDAS Two Factor Authentication solution. Gartner’s report titled “Where Strong Authentication Fails and What You Can Do About It” examined sophisticated Trojan/malware-based attacks that compromise not only passwords but also OTP/token-based authentication.
According to the report, one of the prominent attacks was described as follows: “Malware sits inside a user’s browser and waits for the user to log into a bank. During login, the malware copies the user’s ID, password and OTP, sends them to the attacker and stops the browser from sending the login request to the bank’s website, telling the user that the service is ‘temporarily unavailable’. The fraudster immediately uses the user id, password and OTP to log in and drain the user’s accounts.”
A key aspect of this attack is that the fraudster acts immediately after receiving the credentials. The fraudster can therefore misuse them within the 2-3 minute time window in which the OTP remains valid, as is the case with tokens.
Although this attack is described with respect to banks, similar attacks have been reported against various enterprises to compromise sensitive organisational data. Many sophisticated Trojans, such as Zeus, use these kinds of techniques to carry out enterprise data theft. These attacks illustrate that even an enterprise that uses traditional two factor authentication mechanisms, such as token or SMS-based OTP, may still be vulnerable to sophisticated malware/Trojan-based attacks.
One mechanism to protect against this kind of advanced malware attack is challenge-response based authentication. Because of the challenge-response exchange between the user and the server, even if malware captures the user’s credentials, they cannot be reused by the hacker: the handshake is broken if a hacker re-uses the credentials and tries to authenticate.
In ArrayShield IDAS, the character array shown for each transaction is unique, and the One-Time-Secret Code derived by the user is valid only for that transaction. Even if a hacker carries out the advanced malware attack, obtains the One-Time-Secret Code and immediately replays it from his machine, it will not match the One-Time-Secret Code for the different character array shown for that transaction.
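The replay argument above, as an added Python example that is not ArrayShield's code and does not model the IDAS character array: it contrasts a time-window OTP check with a server that binds each response to a per-session challenge. The HMAC-based codes, the `ChallengeServer` class, the function names and the sample key and timestamps are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

STEP = 180  # seconds an OTP stays valid; the page cites a 2-3 minute window

def code_for(key: bytes, msg: bytes) -> str:
    """6-digit code from HMAC-SHA256 (simplified truncation, an assumption)."""
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return f"{int.from_bytes(digest[:4], 'big') % 1_000_000:06d}"

def otp_at(key: bytes, now: int) -> str:
    """Token-style OTP: depends only on the shared key and the time step."""
    return code_for(key, str(now // STEP).encode())

def verify_otp(key: bytes, code: str, now: int) -> bool:
    # No per-login state: any session presenting the code in this step passes.
    return hmac.compare_digest(code, otp_at(key, now))

class ChallengeServer:
    """Issues a fresh challenge per login attempt and accepts one answer to it."""
    def __init__(self, key: bytes):
        self.key = key
        self.pending = {}  # session id -> outstanding challenge

    def start_login(self, session_id: str) -> bytes:
        self.pending[session_id] = secrets.token_bytes(16)
        return self.pending[session_id]

    def finish_login(self, session_id: str, response: str) -> bool:
        challenge = self.pending.pop(session_id, None)  # single use
        if challenge is None:
            return False
        return hmac.compare_digest(response, code_for(self.key, challenge))

def replay_outcomes() -> dict:
    key = b"constructed-demo-key"  # constructed sample secret
    t = 1_699_999_930              # constructed login time, 10 s into a step
    captured_otp = otp_at(key, t)  # the value copied during the victim's login
    server = ChallengeServer(key)
    # The user's side answers the challenge it was shown for its own session.
    captured_resp = code_for(key, server.start_login("victim"))
    server.start_login("other")    # a second session gets a different challenge
    return {
        "otp_replay_60s_later": verify_otp(key, captured_otp, t + 60),
        "otp_replay_after_window": verify_otp(key, captured_otp, t + 2 * STEP),
        "challenge_replay_other_session": server.finish_login("other", captured_resp),
        "challenge_original_session": server.finish_login("victim", captured_resp),
    }
```

The OTP is accepted from any session until the time step rolls over, while the challenge-bound response is accepted only in the session whose challenge produced it.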
Rakesh Thatha, Co-founder and CTO at ArrayShield, said, “ArrayShield IDAS product addresses the growing threat to enterprises from advanced malware/Trojan based attacks that steal the credentials and attack the enterprise in real time. By protecting the critical organisational data from advanced malware attacks, enterprises can minimise their security risk.”