Recent attempts to separate a user from his banking credentials have employed some highly advanced methods. But this new take on the Man in the Browser attack just seems downright dastardly — we’re talking mustache-twirling levels of deviousness.
The banking industry often employs two-step security measures — similar to Google Authenticator — as an added layer of protection against password theft and fraud. Unfortunately, those systems have just been rendered moot by a highly-advanced hack.
