Trusteer Pinpoint Cloud Service Protects Against Malware Fraud
Trusteer's Pinpoint service examines Web traffic for signs the user's desktop is infected with Trojans such as SpyEye and Zeus that can steal funds or data.A new security cloud service, which is being targeted at financial institutions with concerns about a new breed of aggressive banking Trojans, promises to detect malware within a PC without requiring any additional software. The Pinpoint service allows companies concerned about online fraud or data theft to scan their Web traffic to ensure that an outside laptop or desktop that is brought into a corporate network is not infected with malware before allowing the visitor access to their Web services, according to Trusteer, which developed this cloud security application. If the Web traffic hints there are malware or other issues on the computer, the visitor is prompted with an option to download and install Trusteer Rapport, an in-browser removal tool, the company said March 16.
Trusteer has pooled intelligence obtained from the millions of Rapport users around the world and has detailed information about malware command-and-control centers and what kind of network traffic an infected machine would have.
When a user tries to access a Pinpoint customer's Web service, Pinpoint scans the site's traffic in real-time to determine if the machine is exhibiting any behaviors associated with infected zombies, the company said. Service providers can configure Pinpoint to support both manual and automated responses.
For sites requiring a log-in, the cloud service scans user machines and allows users to successfully log in only if the system is clean. This way, if a malware is controlling the log-in process, it will be blocked from the site, Trusteer claimed. If an infected machine tries to log in, the company's IT department receive an alert about it. The IT manager at this point can decide whether to stop the transaction or to turn on additional security options. Organizations can also use Pinpoint to scan network traffic before allowing certain transactions, regardless of whether the user is logged in, Trusteer said. It can be integrated with a risk-evaluation engine for scoring risk. Trusteer said several major financial institutions in North America and Europe have been running a beta version of the service "for a number of months," but declined to name them. While Pinpoint does not scan the user's machine internally, it does give its customers the ability to examine real-time network traffic to proactively find hints of malicious activity and to block fraud before it happens, Dycian said. Pinpoint is priced at $10,000 a year for enterprises with less than 300 users.