9 Most Dangerous Malware That Can Empty Your Bank Account
1. Torpig
- Torpig is a sophisticated type of malware program designed to harvest sensitive information, such as bank account and credit card information, from its victims.
- The Torpig botnet, the network of compromised PCs under the control of cybercriminals, is the main means for sending spam e-mails or stealing private information or credentials for online bank accounts. Torpig also uses a DGA (domain generation algorithm) to generate a list of domain names and locate the Command and Control servers used by hackers.
2. CryptoLocker
- This malware encrypts your data and displays a message which states that your private information can be decrypted for a sum of money in a limited period of time. Though CryptoLocker is often removed by various security solutions, there isn’t any way yet to decrypt the locked files.
- CryptoLocker is one of the nastiest pieces of malware ever created. That is not simply because it takes money from you or because it can access your private data, but because once it manages to encrypt your information, there's no way for you to decrypt those files. This ransomware is so dangerous because the affected users have their private information disclosed (and taken advantage of) and they also lose the files without having any chance of recovering them.
- CryptoLocker is a ransomware Trojan that can infect your system in different ways, but usually this happens by means of an apparently legitimate e-mail attachment from a well-known company or institution. Because it spreads through email attachments, this ransomware is known to target companies and institutions through phishing attacks.
3. Ice IX
- Virus Type: Malware, Botnet
- The ICE IX malware is a banking trojan derived from the Zeus botnet, because it uses significant parts of Zeus’s source code. ICE IX communicates using the HTTP protocol, so it is often considered to be a third-generation botnet. While it has been used for a variety of purposes, a primary threat of ICE IX comes from its manipulation of banking operations on compromised machines. Like any bot, the execution of the bot leads to establishing a master-slave relationship between the botmaster and the compromised computer.
- This modified variant is used by cybercriminals with the same malicious purpose of stealing personal and financial information, such as credentials or passwords for e-mail or online bank accounts.
4. Citadel
- Citadel appeared after the source code of the infamous Zeus leaked in 2011. Due to its open-source character, the software code has been reviewed and improved by IT criminals for various malware attacks.
5. Carberp
- Carberp is a Trojan designed to give attackers the ability to steal private information from online banking platforms accessed by the infected PCs.
- This Trojan’s behaviour is similar to other financial malware in the Zeus family, and it displays stealth abilities against antimalware applications. Carberp is able to steal sensitive data from infected machines and download new data from command-and-control servers.
- This Trojan is one of the most widely spread pieces of financial stealing malware in Russia. Primarily targeting banking systems and corporations which perform a high number of monetary transactions, Carberp not only injects code into sites, but also tries to exploit several vulnerabilities in the target system to escalate to administrative privileges.
6. Zbot/Zeus
- Other Known Names: Zbot, Zeus Gameover, Trojan-Spy.Win32.Zbot
- Virus Type: Malware, Botnet
- About Zbot/Zeus: Zeus Virus (or Zeus Trojan malware) is a type of malicious software that usually targets Microsoft Windows. This malware is generally used to steal financial data such as system information, banking credentials and other banking details of a user, which are later used to log in to the user's account to steal the money. This malware was first found in 2007.
- How it Infects: Zbot/Zeus malware can infect a computer either by spam message or by download.
7. SpyEye
- Virus Type: Malware, Botnet
- About SpyEye: SPYEYE is a malware family notorious for stealing user information associated with banking and finance websites. This malicious software is capable of stealing bank account credentials, social security numbers and financial information that could be used to empty bank accounts. The stolen login credentials are later used to initiate unauthorized transactions like online fund transfers. The stolen information may also be sold on the black market.
- How it Infects: By other malware, Spammed Email, Downloaded
8. Bugat
- Bugat is another banking Trojan, with similar capabilities to Zeus – the notorious data-stealing Trojan – which is used by IT criminals to steal financial credentials.
- Bugat targets an infected user’s browsing activity and harvests information during online banking sessions. It can upload files from an infected computer, download and execute a list of running processes or steal FTP credentials.
- Bugat communicates with a command and control server from where it receives instructions and updates to the list of financial websites it targets.
9. Shylock
- Shylock is a banking malware, designed to retrieve a user’s banking credentials for fraudulent purposes.
- As soon as it is installed, Shylock communicates with the remote Command and Control servers controlled by the cybercriminals, sending and receiving data to and from the infected PCs.
Tips to protect yourself and your organisation from Malware:
- Strengthen Authentication: Most malware attacks are the result of compromised and weak credentials. Two-Factor Authentication or MFA are excellent gate-keepers that prevent unauthorized access to applications. Make sure all of your applications, including third-party ones, support and implement them.
- Create Anti-Phishing Policies: Office 365 includes built-in features that protect your users from phishing attacks. Take advantage of the threat management tools in Office 365 to set up anti-phishing policies and increase your protection status. You can even create custom policies for specific users, groups, or domains.
- Cybersecurity Training: An important malware prevention best practice is to conduct regular org-wide cybersecurity training. Educate colleagues about the fundamentals of good security hygiene, like checking the sender’s email ID, avoiding downloading attachments or clicking URLs from unknown sources, and alerting support about emails with suspicious content.
- The Usual Protectors: Make sure your anti-virus solutions are auto-updated, and that you have robust firewalls and network monitoring tools.
Sources Used: https://securityboulevard.com/2019/12/dridex-malware-of-the-month-december-2019/