Security News Russian banker trojan 'Lurk' flies under radar, picked up by researchers

omidomi

Level 71
Thread author
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Apr 5, 2014
6,008
Kaspersky Lab researchers spotted a Russian banking trojan, dubbed “Lurk,” that is designed to infect as many victims as possible without drawing the attention of researchers and analysts.

The trojan has targeted financial institutions including Russia's four largest banks, IT organizations working in telecommunications, mass media and news aggregators, according to a June 10 blog post.

Lurk has existed for more than five years and is spread via drive-by-downloads that leverage compromised websites with legitimate software to deliver Angler Exploit packs known as “XXX,” the post said. The trojan actively resists detection and researchers said the use of targeted attacks make it difficult to get new samples quickly.

Users need not do anything in particular to become infected, the post said.

“Lurk is a versatile banker Trojan – it can steal money not only from the iBank 2 system that is used by many Russian banks but also from the unique online banking systems of some large Russian banks,” researchers said in the post.

Researchers believe a team of professional developers and testers is working on the trojan project based on the methods of internal organization used in the malware, its feature set, and the frequency with which it is modified.

The trojan is constantly being updated, and only works on computers where it can steal money and researchers said it is distinct because it stores its malicious code in the victim's random access memory (RAM) instead of on the victim's computer, according to a June 1 press release.

Researchers recommended users ensure the safety of their systems by regularly training employees on information security rules and norms, maintaining competent design and administration of an organization's local area networks, and by using modern security software that is regularly updated.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top