Detección de inyección de código malicioso en páginas web bancarias / Detection of malicious code injection in banking websites / Detecção de injeção de código malicioso em sites bancários

Detección de inyección de código malicioso en páginas web bancarias / Detection of malicious code injection in banking websites / Detecção de injeção de código malicioso em sites bancários

Online banking, via web applications, is very common nowadays. However, various adversaries have developed methods to attack browsers and leak sensitive data from users. Code injection is one of these methods, it modifies a web page, on the fly, to ask users for their data and leak it through internet. This kind of attack may be difficult to detect as legitimate applications have the same behavior: they dynamically generate content and inject code. This proposal presents a mechanism to detect malicious code injections on the client side, to banking websites, based on URLs the pages include. Since web servers build web pages of banks with source files from a predefined set of sources and only send data to a predefined set of targets, it is possible to use white lists to classify URLs. The proposal is simple, easy to manage and effective to detect malicious extensions locally installed.