Denis Makrushin, a security expert at Kaspersky Lab. has published findings – “Financial malware are still active and developing rapidly. New banking Trojans have significantly extended their functionality by adding new modules, such as ransomware. If criminals do not succeed in stealing users’ personal data, they will encrypt it and demand a ransom. Another example is the Neurevt Trojan family. This malware was used not only to steal data in online banking systems, but also to send out spam”
Interestingly some of these new financial malware have cross OS capabilities and can potentially run and infect any computer or operating system including windows, Apple Mac, Android and Linux.
These Trojans also have the ability to infect the User via a variety of methods through browser / OS vulnerabilities. Infection points obviously still occur from compromised websites and servers that the User navigate too. Also we are seeing malware being delivered by various financial themed emails – phishing based emails. These emails are specific to the intended victims containing financial and bank brands with a social engineered call to action. The result is an infected user with targeted malware that disregards OS / device types and end point security scanning.
Users should pay particular attention to using effective and update endpoint security software regardless of OS and device type – yes including Android security. Users also need to be continuously educated to phishing type emails and other web attacks via infected sites.
Banking organisations should be running their protection services in parallel to the User and adopting a layered approach across the end user transactions and internet banking web applications.
New Financial malware – banking Trojans – are increasing in functionality with new families and variants responsible for fraud losses.
There has been a number of reports from our Security vendor partners, plus iZOOlabs analysis, where we are observing a recent upshift in attacks. iZOOlogic clients in disparate countries from the UK to Turkey have been targeted.
The number of new malware variants have recently grown – it has been widely published and noted that collaboration between cybercrimal elements and malware authors is occurring.
[…] Anubis is a destructive banking trojan that, when installed, steals login credentials on financial apps, payment cards and e-wallets […]
[…] Banking malware aside, the Zeus trojan is among the most notorious of all malware, second only perhaps to Stuxnet. […]
[…] is a newer addition to the Zeus family of malware. Like the other Zeus variants, it is a banking Trojan that focuses on stealing user credentials from financial institutions. Although recent attention […]
[…] malware is a new generation of financial trojan with an increased level of sophisitcation and stealth. Bolek was documented by the Polska CERT team […]
[…] to mitigate the risks and threats precipitated by such banking Trojans, banks have adopted a range of transaction authentication methods such as transparent multi-factor, […]
[…] Panda Banker is a banking Trojan that seems to be related to the Zeus Trojan. The Panda Banker, a recently uncovered banking Trojan, […]
[…] banking malware is the latest trickbot variant that delivered its payload this October via a harmful Excel […]
[…] an increasingly grave problem in the cybersecurity world is mobile banking viruses. In 2017, mobile banking Trojans attacked close to 260,000 users across 164 countries. Attackers masquerade as a legitimate banking […]
[…] found by Kruse’s associates Benoit Ancel and Aleksejs Kurpins when they were researching a banking malware sold on the dark web and reused by […]
[…] is an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans. Emotet continues to be among the most costly and destructive malware affecting state, local, […]
[…] malware has been identified as Razdel, a variant of BankBot (Anubis I) mobile banking Trojan that is not as widespread. Security firms ThreatFabric analyzed Razdel and found that its targets […]
[…] of targets is of course, in Australia. Here’s the catch, the fake statements contain a familiar banking trojan called, […]
[…] Lokibot malware is a Banking Trojan designed for information theft. It’s been around since 2015 and has targeted many users for quite […]
[…] specialists from ESET unravel banking trojan named DanaBot being dispersed to European nations by means of spam messages. DanaBot is prominent […]
[…] banking trojan falls in the second place with almost 13,000 payloads, followed by GandCrab ransomware with a […]
[…] December we discussed a written article about a hacker getting hacked by a banking Trojan. The banking malware was identified as the Lokibot which was exploited by being used by different […]
[…] point forward, the Lazarus Group releases already obscure malware the firm has distinguished as Trojan. Fastcash, which enables the assaults to send counterfeit endorsement reactions to the ATM machines […]
[…] Bank of Scotland, Western Union, Coinbase and Bitcoin Wallet. “Initially designed as a classic banking Trojan, in its current version, Gustuff has significantly expanded the list of potential targets, which […]
[…] and infection forces in the malware scene. Scaling from its operation as a spam botnet delivering banking trojans and ransomware to developing a proxy service, as well as cryptomining and DDoS capabilities. Necurs […]
[…] or Qbot also known as bank malware has been in the threat landscape since 2008 similar to Rubber Ducky, Mimikatz, and is considered […]