Hacking Citibank's virtual keyboard
In some countries outside of the US, Citibank has a login option to enter your PIN by clicking on the display of a keyboard rather than with the physical keyboard. Perhaps the idea is to defeat keyloggers, but a researcher has demonstrated that it's easy for malware to capture the PIN anyway.
The technique, posted on the popular Bugtraq mailing list, generated some scorn from readers (not an unusual result on Bugtraq).
At Yahoo! News.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.