Re: Defeating Citibank Virtual Keyboard protection using screenshot method
Hi Yash,
> Severity: Critical
> Platforms Affected:
>
> Microsoft Corporation: Windows 98 Any version
> Microsoft Corporation: Windows Me Any version
> Microsoft Corporation: Windows XP Any version
> Microsoft Corporation: Windows 2000 Any version
[CUT]
...
You are talking about a documented feature, neither a flaw nor a
vulnerability. How can be an API rated?
>Vendor Response:
>No Response from Vendor yet
I cannot imagine Windows with BitBlt disabled... :)
This is a known method widely used in banking trojans since a long time
ago.
Anyway, thanks for sharing your research.
cheers,
- Rubén.