
KL-Remote toolkits let criminals ‘virtually mug’ unsuspecting users

A remote overlay toolkit referred to as KL-Remote, currently being used in Brazil, commits what researchers at IBM Security Trusteer call a “virtual mugging”: a remote takeover of infected computers, followed by the execution of fraudulent transactions without the end users' knowledge.

The researchers discovered KL-Remote in December, detailing in a blog post how miscreants can use a graphical user interface (GUI) included in the kit to “'overlay' fake messages on top of a legitimate website” to trick users into spilling their sensitive information.

The toolkit is being touted among Brazilian cybercriminals “as a platform that can be embedded in the most common banking malware variants,” researchers wrote.

Attacks orchestrated with the tools are deemed “unique” since the criminal must intervene manually “during various stages of the fraud event” and is “virtually looking over the victim's shoulder” before seizing control of the device.
