ThreatMetrix Launches ThreatMetrix Labs

First report explores the different ways fraudsters can deploy MitB Trojans on Mac OS X

March 10, 2012

3 Min Read


San Jose, CA – February 28, 2012 - ThreatMetrix™, the fastest-growing provider of integrated cybercrime prevention solutions, announced today the launch of ThreatMetrix™ Labs , which generates in-depth reports on the latest capabilities of malware that targets financial institutions, merchants and online businesses.

To generate each report, a team of independent researchers analyze, examine and reverse-engineer the most sophisticated malicious software running on computer systems worldwide. The information gained from the report enables enterprises, financial institutions, credit unions, payment providers, government agencies and security professionals to stay abreast of current and emerging online security threats.

“ThreatMetrix Labs is introduced as an independent research arm during a time when the latest versions of malware are continually changing to become more targeted and complex,” said Andreas Baumhof, chief technology officer, ThreatMetrix. “Today’s cybercriminals are evolving much faster, as we see from our research that they adopt very quickly to countermeasures being put in place. The growing pain of man-in-the-browser (MitB) attacks is definitely high on the list of threats, as these Trojans are very sophisticated and successful. It’s essential for organizations to stay up-to-date.”

MitB Trojans on Apple Mac OS X

ThreatMetrix Labs released its first report, “Man-in-the-Browser: Apple Mac OS X Edition,” which explores the different ways fraudsters can deploy MitB Trojans on Mac OS X and provides important intelligence and forensics to understand the threat of MitB attacks for other platforms beyond Windows.

“We found that the technical approach to doing MitB Trojans on Macs is actually very similar to doing MitB Trojans on Windows,” said Baumhof. “While the majority of MitB Trojans are targeting the Windows platform, Apple’s increased user base and market share makes an attractive target for fraudsters.”

Malware Trends in 2012

Malware continues to grow in terms of infection rate and new targets. Last year, there were 25 million new, unique strains of malware released and that number is projected to grow to 87 million by the end of 2015, according to the Aite Group.

As malware continues to become more prevalent, especially with dangerous MitB Trojans, ThreatMetrix has identified other trends and predictions for 2012:

· More Drive-by-Downloads. Cybercriminals that conduct drive-by-downloads compromise well-known websites, which then distribute Trojans automatically. For instance, the Carberp Trojan was distributed in 2010 on a recognized news website in the Netherlands, which pushed infection rates into the hundred-thousands.

· More MitB Trojans targeting social networking sites. A Trojan called Ramnit was recently successful in compromising 45,000 Facebook accounts, notably in the U.K. and France.

· More MitB page injections. More fraudsters will employ MitB techniques to add malicious content (such as JavaScript) to a legitimate website, regardless of what type of Trojan is used.

· Mobile is the new target. The growth in mobile banking and mobile commerce will make mobile devices a big target for fraudsters.

For more information, in-depth ThreatMetrix™ Labs reports are available on request to organizations looking to gain a lead on the capabilities, enhancements and improvements being implemented into malicious software. To request an official report, please register at For a public copy of the report, visit

About ThreatMetrix

ThreatMetrix is the fastest-growing provider of integrated cybercrime prevention solutions. The ThreatMetrix™ Cybercrime Defender Platform helps companies protect customer data and secure transactions against fraud, malware, data breaches, as well as man-in-the browser (MitB) and Trojan attacks. The Platform consists of advanced cybersecurity technologies, including TrustDefender™ ID, which is cloud-based, real-time device identification, malware protection with TrustDefender™ Cloud and TrustDefender™ Client, as well as TrustDefender™ Mobile for smartphone applications. The company serves a rapidly growing global customer base across a variety of industries, including financial services, e-commerce, payments, social networks, government, and healthcare.

For more information, visit or call 1-408-200-5755.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights