WHAT IS IBKR DOING TO PROTECT ITS CLIENTS?

We are actively working, with high priority, to mitigate the threat on several levels:

• We have patched all our servers accessible externally (from the Internet) with a version of Log4j that is not susceptible to this vulnerability.
• We have upgraded our Trader Workstation (TWS) software and our TWS installers with a version of Log4j that is not susceptible to this vulnerability.
• We have updated our security infrastructure (including network firewalls, application firewalls, intrusion detection tools, etc.) with the latest protection measures that help detect and block cyber-attacks that attempt to exploit the Log4j vulnerability.
• We continue our ongoing efforts to fully identify and patch any impacted internal systems (those that are not accessible from the Internet).
• We continue monitoring the evolving industry threats and adopt additional mitigation measures as needed.

ACTION REQUIRED

We are committed to providing a secure environment for your assets and trading activities. To that end, we request that our clients give priority to the use of the LATEST TWS version, which will auto-update. Should you have the STABLE or any OFFLINE version, which does not auto-update, please ensure that you take the necessary steps to keep your TWS in line with the latest security fixes.

Table of content

Downloading the TWS installer and update patches

The TWS installers available in the download areas of ibkr.com or IBKR regional web sites are sealed and digitally signed using all the safety procedures required by the industry standards and do not contain any malicious code or process. The same industry standard practices have been used for the TWS update patches, which are automatically downloaded and installed when launching the TWS (if and only if there is an update available). Nevertheless, if you have received an alert, we recommend you to be cautious. Should you intend to keep the TWS installation file on your machine for future use, you should make sure that the same precautions for the protection of data from viruses and malware are applied to it.

Why do I receive a warning when I install the TWS or when the TWS automatic update runs?

You might see an alert (similar to Figure 1 but not limited to) and your security system would wait for your input on how to process the suspicious file. You usually have the option to quarantine the file, delete it, ignore it once or create a permanent exception for it.

Please note that your antivirus might autonomously quarantine or delete the TWS installer file or some of his components without asking for your confirmation and without showing you any warning. Nevertheless, this should only happen if you have preset your antivirus to specifically react in this way.

Figure 1.

What should I do when I receive a warning?

In case you receive a warning during the TWS installation or update, we recommend the following steps:

1. Delete the TWS installer and download it again from the IBKR main or regional web site

a) Delete the TWS installer file already present on your computer and then delete it as well from your Trash (empty your Trash)

b) From the table below, click on the TWS download area correspondent to your location

c) Check the website certificate. Most Internet browsers will immediately alert you in case the site certificate is invalid, compromised or expired. Nevertheless, if you want to check manually the validity of the site certificate, click on the padlock close to the address (URL) and make sure the Connection is reported as secure and no security warning are present (see Figure 2 below).

Figure 2.

d) Click on the button labeled with the TWS version you wish to use and download again the TWS installer

2. Check the digital signature of the TWS installer file you have downloaded

Normally you will immediately receive a security warning in case the digital signature of a file is compromised. Nevertheless, if you wish to perform a manual check, proceed as follows, according to your Operating System:

For Windows

a) From the Windows file explorer, access your Downloads folder or the folder where you placed the TWS installer

b) Right click on the TWS installer file, select Properties and then click on the tab "Digital Signatures"

c) Click on "Details" and on "View Certificate" to check the certificate status and signer. The legitimate signer is "IB Exchange Corp." (See Figure 3 below)

Figure 3.

For Mac OS X

a) Click on the magnifier glass (Spotlight Search) on the top right of your screen and type Terminal. From the search results, launch the Terminal app

b) Type cd Downloads and press Enter

c) Type codesign -dv --verbose=4 tws-latest-macosx-x64.dmg and press Enter. Please notice that the name of the file (tws-latest-macosx-x64.dmg) may differ according to the TWS version you decided to download. If needed, replace the file name in the command with the appropriate one

d) Check the command output and make sure the "Developer ID Application" is "IB Exchange Corp." (see Figure 4 below)

Figure 4.

3. Run the TWS installer file you have downloaded

Once you have downloaded again the TWS installer and after you made sure the file is original (points 1. and 2. above), you can proceed with the installation. Should you still receive a warning from your antivirus, you can reasonably consider it as a false positive and ignore it.  Should you need guidance on this step, please proceed directly to the next section.

How can I signal an Alert as false positive?

All modern security systems allow the creation of exceptions, precisely in order to address false positive cases.  An exception is a rule forcing the antivirus engine not to scan a specific file or process. That specific file or process will hence be deemed safe and no further alerts will be raised for it.

The procedure for creating an exception may vary, according to the security software you are using. You may be able to create a temporary or permanent exception directly from the alert pop-up or you may have to create one manually from a specific section in the main configuration panel.

If you are unsure of the procedure, we recommend you to consult your antivirus documentation.

Once you have set an exception for the TWS installer file or for the TWS updater process, those will be no longer blocked and will be able to complete their respective tasks successfully.

What else can I do if I have doubts or if my system behaves abnormally?

If you have reasons to believe your machine may be compromised or infected, we recommend performing a full system scan. Usually you can right click on the antivirus icon present on the bottom taskbar (for Windows) or on the upper menu bar (for MacOS) and you will find the option to launch a full system scan. Alternatively, you may start that task from the main antivirus window. If you are unsure of the procedure, we recommend you to consult your antivirus documentation.

Technical Background

How does my security system scan the files I download from the Internet?

Modern antivirus and anti-malware engines base their threats recognition on:

Signature-based scanning: the antivirus scanner searches for a specific pattern of bytes that was previously catalogued as malicious or at least suspicious. The antivirus may check as well file signatures (called hash) against a database of known threats (called virus definitions).

Analysis of behavior: the antivirus engine detects specific actions which individually may not represent a threat but, when correlated together, resemble the usual activity of a malicious software (e.g. the ability of a code to replicate or hide itself, download additional files from the Internet, contact external hosts over the Internet, modify the Operating System registry) This type of scan is designed to detect previously unknown computer threats.

Heuristic detection: the scanner de-compiles the code or runs it within a virtual, restricted environment. It then classifies and weights the actions performed by the code against a predefined, behavior based, rule set.

Cloud-based protection and machine learning: those are relatively new techniques. The file that needs to be analyzed is sent to the antivirus / security system vendor cloud where sophisticated algorithms perform a deep analysis of the code authenticity and behavior.

Are those scan methods infallible?

Modern threats are very sophisticated and, like biological viruses, can mutate their code and their signatures. Moreover, new malwares and exploits are created every day and spread rapidly over the Internet. The threat recognition methods mentioned above are therefore not infallible but can guarantee a high percentage of malware recognition when combined together.

While signature based techniques are very successful in recognizing known threats and less prone to false positives, they are not so efficient in recognizing unknown malware or mutations of existing ones. In this area, the behavioral and heuristic methods perform much better although they are more prone to false positives since their detection is not based on bare code matching but on a certain degree of interpretation and hence uncertainty.

The term "false positive" is used when a security system classifies an innocuous file or process as malware.

Reference:

• Click here to find out more about Security Best Practices at IBKR

Procedure:

 

7. Once the installation has completed successfully, repeat the previous steps from 1. to 5. setting back the permissions of “everyone” to “Read Only” to revert your changes to the initial status

Table of contents

• What does the app do?
• Requirements
• How is the app installed?
• How do I confirm the app installed?

What does the app do?

At 'glance view' the app will display the following information; Amount of FYI Notification, Account Number, Daily P&L, Net Liquidation Value, Number of Open Orders, Number of Trades Executed, Excess Liquidity and number of Positions you currently own. It will also display the time when it has fetched the information from your iPhone.

Example:

Back to top

Requirements

• Must have iPhone 5s or greater, using iOS 11 or later.
• Must have the IBKR Mobile app installed on your iPhone (version 11 or greater)
• Must have your Apple Watch paired to your iPhone (refer to: Set up your Apple Watch for directions)
• Must have watchOS 5 running on your Apple Watch.

Important: The Apple Watch applications are only 'companion' apps. This means they are not installed directly on the watch itself, but rather are a function of an application already installed on your iPhone.

Back to top

How is the app installed?

 1.  Install the latest version of the IBKR Mobile app on your iPhone.

 2.  Pair your Apple Watch to your phone.

 3.  Launch the Watch app on your phone.

 4.  Scroll down on the main screen until you see your list of apps, locate the IBKR Mobile app and Tap on it.

 5.  Enable Show App on Apple Watch by swiping the slider to the right (green).

 6.  After the top slider is set to green, you will see a text informing you that the app is being installed. At this stage the phone is sending the application to your watch per Bluetooth. This might take a short moment (approximately 30-60 seconds.) Once completed the companion app has been installed.

Note: Once enabled it will take 24 hours before P&L shows up on the watch after activation. 

Back to top

How do I confirm the app is installed?

On your Apple Watch click on the crown to access your Home Screen, you should now see an icon for the IBKR Mobile App.

Back to top