Top Financial Malware overview

Top Financial Malware

In this article we will discuss the top malware that haunts the landscape. The information about the financial malware families will help you to get a better understanding of what types of families are active, and what their intentions are.

  • zBot / Zeus
  • Zeus Gameover
  • SpyEye
  • Ice IX
  • Citadel
  • Carberp
  • Bugat
  • Shylock
  • Torpig
  • Cryptolocker
  • Panda Banker
  • Emotet
  • Bebloh
  • Ursnif
  • Trickbot
  • Gootkit
  • Dridex
  • Corebot
  • TinyNuke
  • Neverquest
  • Ramnit
  • Tinba
  • Qadars
  • Ronvix

There are many cybersecurity companies that provide detailed white papers on malware, trojans, scams and other cyber security risks.

  • Macro malware
  • Infected storage devices (USB etc)
  • Compromised Third-party
  • Compromised networks
  • Insider
  • Zero-days
  • Social engineering
  • Phishing and spam emails
  • Exploit kits + Drive-by-downloads
  • Malvertising

How to protect yourself against a banking Trojan

  • Learn how to spot a fake website
  • Use any security features your bank offers
    • Account alerts
    • Backup email
    • Biometrics
    • Hardware security tokens
  • Keep your software updated
  • Learn how to spot phishing attacks
  • Use a password manager
  • Use security solutions like an antivirus
  • Use traffic filtering solutions
  • Use a safe browser

Sources used and more reading material

  • https://www.europol.europa.eu/sites/default/files/documents/banking_trojans_from_stone_age_to_space_era.pdf
  • https://www.blueliv.com/downloads/why-vawtrak-v2-could-be-the-next-major-banking-trojan.pdf
  • https://www.securonix.com/web/wp-content/uploads/2018/09/Kronos-Osiris-Threat-Research-Report.pdf
  • https://www.ncsc.gov.uk/content/files/protected_files/article_files/NCSC_Trickbot_Brief_User_Guide_0.pdf
  • http://csecybsec.com/download/zlab/20180621_CSE_Ursnif-Necurs_report.pdf
  • https://repository.tudelft.nl/islandora/object/uuid:dd7ef146-1047-4067-a174-732aa5d2c317/datastream/OBJ/download
  • https://www.mcafee.com/enterprise/en-us/assets/reports/rp-quarterly-threats-dec-2018.pdf
  • https://www.proofpoint.com/sites/default/files/pfpt-us-tr-q218-quarterly-threat-report.pdf
  • https://securityintelligence.com/the-father-of-zeus-kronos-malware-discovered/
  • https://www.proofpoint.com/us/threat-insight/post/kronos-reborn
  • https://research.checkpoint.com/osiris-enhanced-banking-trojan/