IcedID Malware Revamped With Avoidance Capabilities


Banking Trojan Has Become More Prevalent Since COVID-19

Prajeet Nair (@prajeetspeaks) • August 15, 2020

Phishing email that contains the IcedID banking Trojan (Source: Juniper)

The IcedID banking Trojan has recently been updated with additional evasion techniques, including a password-protected attachment, keyword obfuscation and a Dynamic Link Library file that acts as a second-stage downloader for the malware, according to a report from Juniper Threat Labs.




The threat actors behind the campaign, first spotted in July, research their target before an attack and uncover a handful of customer names. Using a known name helps entice the victim to open a phishing email that contains the Trojan, Paul Kimayong, a security researcher with Juniper Threat Labs, notes in the report.


"This makes the phish that much more likely to succeed, given the sender and the recipient have an established business relationship," Kimayong says.


First observed in September 2017 by IBM X-Force researchers, IcedID steals financial data using malicious code injected into a web browser and has started to become more popular since the COVID-19 pandemic began (see: Revamped IcedID Banking Trojan Campaign Uses COVID-19 Lure ..
