Talk to a fraud fighter

Banking Trojans are on the rise

November 15, 2017

Over the last 2 months a massive growth of banking trojans was identified and reported by multiple security research resources. Banking trojans, such as Zeus, Ramnit and Trickbot, are among the top ten most popular banking malware families that are used to steal money from users’ accounts lately. Once installed on a victim’s computer, they are able to recognize when a victim is logging in into her/his account and collect sensitive information – credentials or even PIN numbers. All of these banking trojans utilize the same set of methods – keystroke logging, form grabbing and webinjects.

One of the reasons why these Trojans has rapidly spreaded over the world is that fraudsters are very fast in inventing new features, re-writing existing Trojans and utilizing stealth techniques that can prevent anti-viruses from detecting them.

This is exactly the case, where behavioral profiling may come into play and tell the difference between legitimate users and hackers. Behavioral analysis detects abnormal behavior, regardless of the attack scheme, thus, can detect zero-day attacks and attacks with the use of social engineering methods.

Contact us to learn more about how ThreatMark can protect you and your clients.

Here you can find the list of Top 3 Banking Trojans for last 2 months:

  1. Zeus – This Trojan use man-in-the-browser keystroke logging and form grabbing, then he can steal your banking information.
  2. Ramnit – This Trojan steals your banking credentials, FTP passwords, session cookies and other data.
  3. Trickbot – Trickbot is Banking Trojan which is a Dyre variant and emerged in October 2016. Trickbot can pull web-injection instructions from its C&C servers online when victims try to reach a website.