Spotting notorious Trojans like SpyEye and ZeuS on compromised desktop computers is the goal of a new security service from Trusteer.
The service, called Pinpoint, works by looking at customer Web site browser traffic to detect signs that a visitor’s desktop may be compromised with malware such as SpyEye or ZeuS, banking Trojans that can steal funds or cause other problems.
“We’re providing real-time alerts,” says Trusteer CEO Mickey Boodaei about the Pinpoint service which he says makes use of behavioral detection methods based on known malware and the command-and-control servers which remotely manipulate the victim’s computer.
The Trusteer service lets a bank receive an alert if it appears a customer desktop is infected at the very start of any authentication process. The bank can take a number of steps based on Trusteer’s information to either stop the transaction process, or turn to other options it may use to protect customer security. The idea is to integrate Trusteer’s logic into a risk-evaluation engine for scoring transactional risks. RSA and Actimize, for example, provide this type of risk-based scoring system for security purposes.
Unlike Trusteer’s Rapport service, which uses a software agent to protect banking customers, the Pinpoint service doesn’t require an agent.
“Rapport is focused on zero-day protection,” says Boodaei. In contrast, Pinpoint is looking at the customer browser’s interactions with the Web to try to identify known browser Trojans. Pinpoint does not scan the user’s machine internally.
The subscription-based service starts at US$1 per year for each customer whose Web activity is monitored by the bank or enterprise for security purposes.