This new malware uses remote overlay attacks to hijack your bank account

silversurfer

silversurfer

Super Moderator
Thread author
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,115
Content source
https://www.zdnet.com/article/this-new-malware-uses-remote-overlay-attacks-to-hijack-your-bank-account/
The new malware variant, dubbed Vizom by IBM, is being utilized in an active campaign across Brazil designed to compromise bank accounts via online financial services.

On Tuesday, IBM security researchers Chen Nahman, Ofir Ozer, and Limor Kessem said the malware uses interesting tactics to stay hidden and to compromise user devices in real-time -- namely, remote overlay techniques and DLL hijacking.

Vizom spreads through spam-based phishing campaigns and disguises itself as popular videoconferencing software, tools that have become crucial to businesses and social events due to the coronavirus pandemic.

Once the malware has landed on a vulnerable Windows PC, Vizom will first strike the AppData directory to begin the infection chain. By harnessing DLL hijacking, the malware will attempt to force the loading of malicious DLLs by naming its own Delphi-based variants with names expected by the legitimate software in their directories.
Click to expand...
www.zdnet.com

This new malware uses remote overlay attacks to hijack your bank account

Vizom disguises itself as popular videoconferencing software many of us are relying on during the pandemic.
www.zdnet.com www.zdnet.com

Full report by researchers:
securityintelligence.com

New Vizom Malware Discovered Targeting Brazilian Bank Customers with Remote Overlay Attacks

New banking malware code and an active campaign called Vizom uses spam to target users in Brazil. Take a look under the hood.
securityintelligence.com securityintelligence.com
 
  • Like
  • +Reputation
  • Thanks
Reactions: Der.Reisende, Solarquest, TairikuOkami and 12 others
TairikuOkami

TairikuOkami

Level 37
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,643
FireHammer said:
Hi, This sounds very scary, no chance to detect it.(n):cautious:
Click to expand...
When the headlines draws the attention like: The new malware magically infects computers, then yes, it sounds scary, otherwise it is the same old. The user downloads the infected software and the runs it. DNS might be able to block the known C&C server and firewall the download of a payload as well.
threatravens.com

New Vizom Malware Discovered Targets Brazilian Bank Customers with Remote Overlay Attacks - ThreatRavens

IBM Security Trusteer researchers have discovered a new malware code and active campaign targeting online banking users in Brazil. The malware, coined “Vizom” by the team, uses familiar remote overlay…
threatravens.com threatravens.com
 
  • Like
  • +Reputation
  • Thanks
Reactions: harlan4096, ForgottenSeer 85179, Der.Reisende and 3 others
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
Malware News Bumblebee malware returns after recent law enforcement disruption
Replies
0
Views
1,082
Security News
Gandalf_The_Grey
Gandalf_The_Grey
silversurfer
    • Like
    • +Reputation
    • Thanks
QBot malware abuses Windows WordPad EXE to infect devices
Replies
2
Views
1,076
News Archive
Kongo
Kongo
upnorth
    • +Reputation
    • Like
Mac users open to Remote Control via Tricky macOS Malware; hidden VNC tool
Replies
2
Views
1,571
News Archive
vtqhtr413
vtqhtr413

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top