Financial Malware Hijacks Online Banking Sessions

Orome1 writes "A new type of financial malware has the ability to hijack customers' online banking sessions in real time using their session ID tokens. The OddJob Trojan keeps sessions open after customers think they have 'logged off,' enabling criminals to extract money and commit fraud unnoticed. This is a completely new piece of malware that pushes the hacking envelope through the evolution of existing attack methodologies. It shows how hacker ingenuity can side-step many commercial IT security applications traditionally used to defend users' digital — and online monetary — assets."