RSA launches new anti-Trojan service for fraud prevention

New service aims to identify and block threats, take down infection points, and recover compromised data

RSA Security has launched a new anti-fraud service designed to help financial institutions protect their brand and customers from online fraud.

The RSA FraudAction Anti-Trojan service protects against malware including keyloggers, and local pharming attacks where Trojan software rewrites the host file, sending users to fake sites in order to steal user credentials. The service is also designed to mitigate the risks of session hijacking applications – a more sophisticated form of attack that enables hackers to take over an online banking session after the user has logged off.

"There is an increase in the activity of buying and selling custom crimeware, " said RSA product marketing manager Jens Hinrichsen. "A lot of people in the security industry try to identify and block these attacks at the desktop, but we're trying to flip that on its head and proactively identify, analyse and then defend and mitigate the threat."

RSA uses its antivirus partners' data on malware to classify and analyse the threats, and also to track down drop points – the locations where credentials are sent once they have been stolen by hackers. The service also utilises the firm's existing blocking network to block infection points such as fake web sites.

RSA FraudAction Anti-Trojan can also take down infection points and drop sites, helping financial institutions to mitigate against further targeted attacks. The service also features forensics capabilities that can recover and extract compromised customer credentials, explained Hinrichsen.

"We've had strong buy-in from UK banks for our other services and I believe the same organisations will be interested in this as a way to provide a secure environment for their customers to transact online," said RSA's Tim Pickard.

Andy Kellett of analyst firm Butler Group agreed that the service would be appealing to banks as long as its cost did not outweigh those costs incurred through fraud. However, customers would be generally unaware of this extra investments by their banks, he explained.

Kellett added that the ability to shut down infection points would be "a good value-add, especially if RSA is efficient at doing it".