5 Trends in Banking Trojans

November 7, 2018

October 23, 2018 - Copywriting - It forum 365


According to Cyxtera, more types of malware aimed at stealing sensitive information on the mobile channel will keep emerging

Data theft on mobile devices is set to grow, according to Cyxtera, a company that specializes in detecting and preventing electronic fraud on devices, channels and cloud services. According to the company, banking trojans, a type of malware used to steal sensitive information, such as account access data, are constantly updated and enhanced by hackers due to their high profit potential.

The company has listed some of the most powerful attacks of 2018 so far.


1. Fileless Malware

In the fileless attack, one of the biggest trends of the year, malicious code is injected directly into the device's memory. While in normal attacks, malware is injected into the device by writing files to the device disk…

In recent cases identified by Cyxtera researchers, banking malware injected by trojans has used Windows logs to store portions of the content, so the email file is read and executed directly in device memory, which makes it harder to track. "This technique is not completely new, but its use in banking malware has grown rapidly over the past year as criminals realize its effectiveness in evading detection mechanisms," says Villadiego.


2. Zero Day Exploits

Zero-day exploits, which pose risks to businesses and end users, allow cybercriminals to exploit unpatched vulnerabilities in various operating systems and programs. In the case of banking malware, Cyxtera saw a significant increase in the use of zero-day exploits, especially in the first stage of an infection.


3. Botnet use in banking with the emergence of new varieties

Botnets are examples of a benign and useful technology that has been turned into a malicious tool: many of them have numerous features that can be easily modified by cybercriminals.

This year, in addition to the increase in banking functionality in old varieties of malicious botnets, new families are emerging, with more and more industry-driven theft tools and techniques.


4. New Tools with More Features

The old guard of banking malware operated quite simply: DNS infections, screen overrides, and so on. Now, due to increased security and device protection mechanisms, Cyxtera has noted that criminals continue to use the same techniques, but in a more advanced way. In addition, attacks are including increasingly sophisticated features.

According to Villadiego, QakBot is the prime example of this. The trojan has worm features that allow it to spread to USB devices. "In fact, it was responsible for blocking Active Directory servers from various companies. To keep up with the strengthening of security mechanisms on most devices, cybercriminals are developing their traditional malware strategies, adding advanced functionality," he explains.


5. Mobile Malware

Mobile banking usage has grown exponentially in recent years, following the increasing convenience of checking bank balances and statements, and making transactions and payments. Despite various protection mechanisms in desktop environments, malware is not always detected and can eventually infect the machine.

For Ricardo Villadiego, Cyxtera Vice President of Security, a robust and comprehensive security plan is the best way to protect the organization and its customers and ensure that they are not vulnerable to malware attacks.


"It is important for the company to implement a strong email authentication protocol such as DMARC to ensure that malicious email (which may contain bank trojans) does not reach their users' inboxes," he warns. "In addition, employing efficient endpoint and browser detection and protection mechanisms, keeping systems and devices up to date, and using two-factor authentication (2FA) are some of the ways to protect an institution and its customers," he said.



