New malware campaign avoids detection to target major financial brands

By Ian Barker
Published 8 years ago

malware

Updated versions of the Gozi malware are being used in currently active campaigns targeting global financial brands according to threat intelligence experts buguroo Labs.

Targets of the attack include PayPal, CitiDirect BE, ING Bank, Société Générale, BNP Paribas, and the Bank of Tokyo. It's expected that attacks currently being perfected in Poland, Japan and Spain, will soon be launched in the US and Western Europe.

When an infected user at a target financial institution attempts a transaction, the malware’s C&C server is notified in real time and sends the user's browser the information necessary for carrying out fraudulent transfers. The injected code presents a fraudulent deposit-pending alert requesting a security key from the user to complete the transfer. Hidden beneath this, however, is the actual transfer page being presented to the bank. The unsuspecting user is inadvertently entering their key to send their money to a 'mule' designated by the malware operators.

Analysis by buguroo shows that these latest Gozi variants use advanced techniques that leave even organizations using the leading web fraud defense tools extremely vulnerable. In addition, the dynamic web injection being used indicates a high degree of automation to optimize the selection of 'mules' based on the quality and vulnerability of the victim, with the juiciest prospects earning an 'operators are standing by' live intervention.

"Through our ongoing cyber intelligence activity and world-class expertise, our team was able to identify the latest Gozi advances and alert the public," says Pablo de la Riva Ferrezuelo, chief technology officer and co-founder of buguroo. "We are also proud to confirm that bugFraud Defense is one of the few, and perhaps the only, effective defense against these very sophisticated emerging attacks".

More information on the threat and how it works can be found on the buguroo blog and will be presented at the Black Hat conference.

Photo Credit: andriano.cz/Shutterstock

No Comments

Comments are closed.

Got News? Contact Us

New malware campaign avoids detection to target major financial brands

Recent Headlines

We're not going to deal with today's IT admin issues with yesterday's technology

AI-powered data management: Navigating data complexity in clinical trials

Workforces need the skills to defend against AI-enabled threats

Overcoming real-time data integration challenges to optimize for surgical capacity and better care

From Windows XP to Windows 10 -- How Microsoft's end-of-life nag screens have changed

Pour one out for the Linux homies: Fedora 40 released

Phishing attacks up 60 percent driven by AI

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.0 'pl'

The stunning Windows 13 -- yes, 13! -- is the Microsoft operating system we want

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

Outrageous: Microsoft to charge $61 for Windows 10 updates -- consider switching to Linux!

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

Microsoft releases preview version of Office 2024 for Windows and macOS -- download it now!

Easter giveaway! Get a licensed copy of 'VideoProc Converter for Windows/Mac' (worth $78.90) for FREE