- Jun 9, 2013
- 6,720
TrickBot operators in the UK, Australia and Germany have been adding new redirection attacks on a slew of highly targeted marks, according to analysis from IBM X-Force.
Researcher Limor Kessem saw that the bad actors are starting to handpick their targets, including a Sharia law-compliant bank.
This is “interesting because banking activity consistent with the principles of Sharia law prohibits certain exchanges such as interest fees and investment in business types unacceptable in Islam,” he said in an analysis. “I have not seen this bank listed as a mark in the past eight years of analyzing malware targets.”
Private banks, private wealth management firms, investment banking and a retirement insurance and annuity company are all listed targets. TrickBot also has added 20 new private banking brands to its regular attack roster, as well as eight building societies. Also added were two Swiss banks, a few private banking platforms in Germany and four investment banking firms in the US.
“The operators have been doing a lot of homework,” Kessem added. “The current configuration files are replete with One of the new targets is among the oldest banks in the world, located in the UK.”
IBM X-Force has found that the malware has grown from one to three major campaigns per month to five campaigns already in April.
Full Article. TrickBot Enhances Attack Vector with Handpicked Targets
Researcher Limor Kessem saw that the bad actors are starting to handpick their targets, including a Sharia law-compliant bank.
This is “interesting because banking activity consistent with the principles of Sharia law prohibits certain exchanges such as interest fees and investment in business types unacceptable in Islam,” he said in an analysis. “I have not seen this bank listed as a mark in the past eight years of analyzing malware targets.”
Private banks, private wealth management firms, investment banking and a retirement insurance and annuity company are all listed targets. TrickBot also has added 20 new private banking brands to its regular attack roster, as well as eight building societies. Also added were two Swiss banks, a few private banking platforms in Germany and four investment banking firms in the US.
“The operators have been doing a lot of homework,” Kessem added. “The current configuration files are replete with One of the new targets is among the oldest banks in the world, located in the UK.”
IBM X-Force has found that the malware has grown from one to three major campaigns per month to five campaigns already in April.
Full Article. TrickBot Enhances Attack Vector with Handpicked Targets
