The new version of the Trojan Citadel focuses on Computer Systems of airports
In Trusteer claim that Citadel threatens the functioning of airport security and passport control services.
Specialists of the company Trusteer found a new version of the Trojan Citadel, which can be used to launch attacks on computer systems of airports.
Antivirus and Security Software
(Best Deals, special offers, coupon discount)
Citadel allows attackers to take control of VPN-protected compound, which is installed between a computer and some airport staff member interfaces of internal computer systems, responsible for airport operations.
In Trusteer did not specify exactly which airport was the target of hackers and software, which the manufacturer was subjected to attack the virus. It is known that the victims were notified of the existing threat.
The new version of the Trojan Citadel contains an elaborate scheme to steal data. It should be noted that the airport system, which has become a victim of Citadel, use the authentication mechanism with two modes. As part of this authentication, the login member should enter the airport is not only a user name and password, and a one-time PIN-code, which is sent to his mobile phone. However, the attackers did not break into mobile devices employees.
Instead, after gaining control over the system VPN, the interface mode of hackers include single-factor authentication, which shows the user the check image with ten digits instead of sending SMS-messages.
Citadel is able to capture the user’s screen that allows you to get the name of the user signs on the test image, as well as a temporary code that is obtained by comparing the code, and a permanent password, made by the employee.
In Trusteer note that this is not the first time, when the company fixes the use of banking Trojans in the attacks on certain companies. This attack is particularly worrisome, as the Citadel threatens the functioning of airport security and passport control services. A report Trusteer can be found here.