Panda Banker Trojan Migrates into Brazil ahead of Rio Olympics

IBM X-Force Research has found a comparatively fresh variant of Zeus Trojan which is called Panda Banker or Panda. The Trojan began attacking banks in North America and Europe during this January 2016 from where it's currently spreading in Brazil. Panda, at present, attacks ten major banks of Brazil along with several payment platforms just when preparations are on in Brazil for hosting the Olympics sport event.

A series of early configurations of the Trojan enabled the malware to utilize web-injects within victims' browsers for compromising Internet banking sites, prepaid cards, Internet-based payment systems, Internet betting accounts, and airline loyalty schemes. Softpedia.com posted this, August 6, 2016.

It seems Panda's proliferation is being carried out professionally. So the Trojan possibly gets sold within Dark Net's usual areas. Hitherto, Word documents have been the preferred medium where a script is implanted for activating the Trojan. A once only usable password is acquired for dual-factor validation through one fake 2FA pop-up which uploads the stolen banking data onto hackers' servers.

Panda's latest variant arrives just when the Summer Olympics has begun within Rio de Janeiro. The Panda banker is a localized malware so even if tourists arriving in Brazil use their bank brands from Brazil, the Trojan will attack only Brazilians and not the foreigners.

Although Zeus Panda mayn't function like an unprecedented modular banking malware that's effective in Brazil, still it's certainly one chief evolution from the mal-code based on the malevolent Delphi, which typically operates within the country. And such a migration of one fresh as also commercial Zeus sample into Brazil further highlights how Brazil-situated cyber-criminals are increasingly collaborating with cyber-crime vendors beyond the national boundary, along with underground communities, something which has been speeding up from 2016-beginning inside Brazil.

X-Force Research has observed Zeus Panda as one active as well as evolving project which's getting commercially available to cyber-crooks via Dark Web portals. Overall, IBM expects that there will be more variants of the particular malware as well as fresh botnets building during forthcoming months, possibly attacking various nations other than those being targeted with the current configurations.

» SPAMfighter News - 8/11/2016