Yubico launches smart card that combats spying malware
Posted on 28 February 2013.
Yubico announced that the Yubikey NEO aggressively defends against malware aimed at smart cards.

Successfully piloted by leading enterprises, the new product eliminates the risk of card and PIN being remotely hacked by Trojans, which has recently happened to other smart cards used by the Federal government.

Last year, it was revealed that a new Trojan had been used by hackers to compromise smart cards to access sensitive information in military networks and aerospace technology firms. The hackers had adapted the Sykipot Trojan to lift card credentials from compromised systems.

Using phishing emails, users were then tricked to then download a key-logger on their machines stealing PINs associated with the smart cards. Once attackers had the authentication codes and associated PINs they gained the same level of trusted access to sensitive networks as the user whose smart card credentials they have stolen.

The rugged, minimally sized YubiKey NEO fits naturally on a keychain. It can be ordered from the Yubico web store for $50.

“Easy to use and highly secure, the user simply inserts the device into a USB-port, or taps it to an NFC enabled mobile device. As an additional form of authentication, the user then physically touches the device to generate an encrypted pass code that cannot be triggered remotely by malware,” explains Stina Ehrensvard, Yubico CEO & founder.


MagSpoof: A device that spoofs credit cards, disables chip-and-PIN protection

The device can wirelessly spoof credit cards/magstripes, disable chip-and-PIN protection, and predict the credit card number and expiration date of Amex cards after they have reported stolen or lost.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Nov 26th