Security researchers have developed proof-of-concept malware that allows attackers to obtain remote access to smart card readers attached to compromised Windows PCs.
The experimental malware developed by Itrust Consulting allows hackers to share a USB-based smart card reader over the internet. This so-called ‘smart card proxy’ attack was software specific, targeting PCs attached to smart card readers running ActivClient, the client application of ActivIdentity.
The experimental malware developed by Itrust Consulting ought to work with any type of smart card and USB-based smart card reader, at least in theory, so it promises to be both more flexible and powerful than that abused by the Sykipot Trojan.
Source: The Register
