Banks and payment services are in a constant fight to detect account fraud, employing sophisticated ways to detect abnormal activities. One of those ways is "fingerprinting" a Web browser, or analyzing its relatively unique software stamp.
Web browsers relay a variety of data to websites, including a computer's operating system, its time zone, language preference and version numbers for software plug-ins. When those parameters change, along with others such as an IP address, it may mean an account is being fraudulently accessed.
Called FraudFox VM, the software is a special version of Windows with a heavily modified version of the Firefox browser that runs on VMware's Workstation for Windows or VMware Fusion on OSX. It's for sale on Evolution, the successor to the Silk Road online contraband market, for 1.8 bitcoins, which is about US$390.
What FraudFox aims to do is make it faster and easier to change a browser's fingerprint to one that matches that of the victim whose account they're going to exploit, or simply mix up their own digital crumbs when browsing. It's not a new tool per se, and more advanced cybercriminals may already know the techniques, but FraudFox consolidates the functions.
(Score: 1, Interesting) by Anonymous Coward on Thursday January 22 2015, @08:24AM
So, pretending that you have the same version of Flash (and several other things of the same importance) helps empty his bank accounts?
From the summary, I'd say only if the bank is using obscurity, rather than real security. Tools like PGP cannot be fooled by making your PC look like the victims PC, either you have the key or you don't.
Banks should be using tamper proof digital signatures (e.g. ChipTan), not browser fingerprinting.