Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Latest Gozi Variant Targeting Financial Institutions Uses Web-Injection Attacks

Security researchers from Buguroo Labs have spotted a new edition of Gozi Trojan which's vibrantly attacking financial institutions, especially PayPal the online payment processing portal which put organizations in great danger if they used conventional fraud defense software.

The latest Gozi strain is presently widely spread within Poland, Spain and Japan where it attacks institutes of finance like Société Générale, ING Bank, CitiDirect BE, Bank of Tokyo, BNP Paribas, besides PayPal.

The latest Gozi strain attacks with the method of Web-injections just as the first version did. Another version, GozNym too leveraged attacks involving Web-injections, however, moved onto redirection assaults during June. During the process of Web-injections, malevolent DLLs are planted into the victim's Web-browser that display overlays on his screen while he's doing an online banking transaction. However, the banking site should be having the support of Gozi's modules.

Buguroo states through one blog post that the Trojan is still evolving, with the most recent version using sophisticated techniques. Moreover, the vibrant Web-injection suggests there's immense automation in use which makes best possible choosing of mules that would be transferring funds depending on how much vulnerable the victim is. Cutimes.com posted this, August 3, 2016.

The said modules collect victim's login credentials from his banking portal when he logs in as well as oust the web-page which transfers the payment. Some of the above assaults involving Web-injection may actually happen as the criminal plans out in which 'mule' account he would divert stolen money as also the amount to send.

Buguroo explains the malware chooses different values and puts them into the fields for executing the fraudulent money diversions even as it tries to circumvent security defenses, depending upon user activity.

Banks keep on battling with financial malware such as Gozi Trojan that leverages complicated cyber-crime methods. A few banks have installed attitudinal biometrics solutions which note down users' typing speed and how fast they move their cursors from field-to-field. The latest Gozi variant logs these values too. More details regarding the Gozi are set to be put forward during the Black Hat security conference of 2016 at Las Vegas.

» SPAMfighter News - 8/9/2016

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page