New rise of Citadel malware… banking again under attack

The FBI has launched an alert titled “Citadel Malware Continues to Deliver Reveton Ransomware in Attempts to Extort Money”

Banking is one of the sectors most targeted by cyber attacks and by malware; in the last months we have read several times of agents developed to steal account credentials and to carry out complex frauds. We all remember malicious applications such as SpyEye and Zeus; the latter is considered one of the most prolific malware families, due to the great variety of agents isolated all around the world in the last period, and it has affected different platforms.

Financial institutions and banks need to take these cyber threats seriously: for the first time they are creating great problems for the diffusion of web-based banking services.

Ransomware, malware and phishing are the most insidious menaces for the sector; they have registered an impressive growth in the last year and the trend is really frightening.

Last week, due to the increase in the number of infected PCs, the FBI launched an alert titled “Citadel Malware Continues to Deliver Reveton Ransomware in Attempts to Extort Money” to explain that the IC3 has been made aware of a new Citadel malware platform used to deliver ransomware named Reveton.

“The ransomware lures the victim to a drive-by download website, at which time the ransomware is installed on the user’s computer. Once installed, the computer freezes and a screen is displayed warning the user they have violated United States federal law. The message further declares the user’s IP address has been identified by the Federal Bureau of Investigation as visiting websites that feature child pornography and other illegal content.”

Of course, to unlock the PC the victim has to pay a fine, supposedly to the U.S. Department of Justice, using a prepaid money card service.


In this specific case the victim is cheated several times: first by the ransomware and then by the Citadel malware, which, once it has infected the machine, continues to perform fraudulent online banking operations and steal sensitive information.

The complexity of these cyber threats is as surprising as the sales model behind them. In a past article I explained how powerful the concept of “malware as a service” is: criminal organizations are able to customize the agents for specific clients and distribute them through anonymity channels such as the Deep Web.

We are facing an impressive business, and criminals know that the risks are really limited.

Citadel malware is a powerful variant of the Zeus agent; it is considered an ongoing project because of the sales model described above, and its evolution is now also reaching new social media platforms and mobile devices.

Experts believe that the new variant, which includes a ransomware component, has been developed with the specific intent of attacking the US banking sector, where, unlike in Europe, users have no experience with this fraud scheme.

As said, this time the evolution of Citadel is more dangerous because several offensive components are combined in the same agent, an information stealer and a ransomware, and the forecast is that future versions will integrate more modules to circumvent user defenses. Zeus today represents the highest expression of malware evolution, given its diffusion and the number of variants detected.

Returning to the FBI alert, it suggests:

  • File a complaint at www.IC3.gov. Look for updates about the Reveton virus on the IC3 website.
  • Seek out a local computer expert to assist with removing the malware.
  • Do not pay any money or provide personal information.
  • Be aware that even if you are able to unfreeze your computer on your own, the malware may still operate in the background. Certain types of malware have been known to capture personal information such as user names, passwords, and credit card numbers through embedded keystroke logging programs.

Watch out, the enemy may have already infected your machine!


Pierluigi Paganini

(Security Affairs – Citadel malware, cybercrime)
