Financial Malware Threats of 2015

Malware

Cyphort Advance Malware Defense, the next generation Advanced Persistent Threat (APT) defense company, recently analyzed the top financial malware threats cybercriminals are using to target electronic payment systems. This will raise awareness of the dangers they present.

Most dangerous financial malware threats of 2015:

Zeus – Since debuting in 2007, this malware has infected tens of millions of computers worldwide. Financial service professionals consider it to be the most severe threat to online banking.

SpyEye – This Trojan horse has infected 1.4 million computers worldwide. Banking information is stolen using a keylogger application, and the bot can take screenshots of a victim’s machine.

Torpig – This botnet is spread using a Trojan horse called Mebroot. Torpig steals targeted login credentials to access bank accounts. It is difficult to detect because it hides its files and encrypts its logs.

Vawtrak – This a relatively new Trojan that can spread itself via social media, email and file transfer protocols. Its unique feature is that it can hide evidence by changing the balance shown to the victim.

Bebloh – This malware targets login credentials to intercept online transactions and breach financial systems.

Shylock – Attacks European banks via Man-in-the-Browser exploits. Worldwide, it has infected 60,000 computers using Microsoft Windows.

Dridex – Malicious code is executed via email attachments and Microsoft Word documents that contain macros that can download a second-stage payload, which can then download and execute the Trojan.

Dyre – Relies on malicious PDF attachments that can exploit unpatched versions of Adobe Reader. The email subject line will be misspelled and read “Unpaid invoic” or contain the attachment “Invoice621785.pdf.” Once the document is opened, Dyre can obtain bank account credentials. 

Financial malware has been around for more than a decade, it is quickly evolving in sophistication, to make sure your organization is protected from financial malware, Cyphort recommends the following: 

  1. Keep system and applications patched.
  2. Educate employees to be careful when visiting websites with popups. If a person does need to go to such a site, do so from a non-Windows platform.
  3. Adopt a new defense paradigm that continually monitors, diagnoses and mitigates attacks.
November 19th, 2015 by