Malwarebytes reports a new malvertising campaign that deliberately selects suitable victims in a multi-stage process. The attackers use fake websites modeled on binary options trading sites. Their actual goal, however, is to foist a banking Trojan on the victims and plunder their accounts.
In a blog entry, the security experts describe the attack chain, which is hard to follow at first glance. The attack starts with an advertisement distributed by advertising networks such as Popads or PlugRush. It first forwards users to a bogus website that performs a quick IP check. Only users who are legitimate from the attackers' point of view are then passed to a second-stage server, which performs a further check and again rejects unwanted traffic.
Only when users have passed these two upstream gates do the attackers trigger the next stage with an exploit kit. The infection apparently uses a variant of a long-known banking Trojan that is nevertheless still being deployed successfully. It is malware of the ISFB type, which is also distributed under names such as Dreambot, Gozi and Ursnif. The Gozi ISFB malware has repeatedly caused heavy losses by injecting scripts into browsers to intercept login data when victims visit a banking site.
“Banking Trojans have been a little forgotten these days because they stand in the shadow of ransomware,” commented Malwarebytes. “But they still pose a significant risk and are able to act relatively undisturbed in the dark. They can manipulate banking portals and perform transfers, and the victims and the banks may not even notice it.”
The security experts gave the malvertising campaign the designation “Binary Options” because the fake sites used as a diversion ostensibly serve the trading of binary options. These are extremely risky and often fraudulent futures contracts, which regulatory authorities often combat in vain and which are explicitly prohibited in some regions. This market especially attracts investors willing to take risks who hope for high profits in a short time.