Kaspersky Lab researchers have detected NukeBot – new malware which has been designed to steal the credentials of online banking customers. Earlier versions of the Trojan were known to the security industry as TinyNuke, but lacked the features necessary to launch attacks. The latest versions however, are fully operable, and contain code to target the users of specific banks.

 

Although the appearance of a malware family in the wild is not unusual, the fact that criminals have a ready-to-attack version of the Trojan, means that soon they may initiate a wide-scale malicious campaign, to infect multiple users.

 

As an early warning to its customers and other users, Kaspersky Lab has published a brief analysis of the malware.

 

NukeBot is a banking Trojan. Upon infection it “injects” malicious code into the webpage of an online banking service displayed in a victim’s browser and then steals user data, spoofs their credentials, and more.

 

According to Kaspersky Lab researchers, there are already a number of compiled samples of this Trojan in the wild – shared on underground hacking forums. Most of these are rough, barely operational malware drafts; however, the company’s experts have managed to identify some that pose a real threat.

 

Around 5% of all samples found by Kaspersky Lab were NukeBot’s new ‘combat versions’, which have improved source codes and attacking capacities. Among other things these versions contain injections – specific pieces of code, which mimic parts of user interface of real online banking services.

 

Based on the analysis of injections, Kaspersky Lab experts believe the main targets of the new version of NukeBot are users of several French and US banks.

 

In addition, Kaspersky Lab researchers managed to detect several NukeBot modifications that didn’t have web injection functionality, and were designed to steal mail client and browser passwords.

 

This means that developers of new versions may aim to widen the functionality of this malware family.

 

“While criminals behind recent versions of this malware currently are not actively distributing NukeBot, this may, and likely will, change very soon. We’ve already seen this before with some other malware families: after a short testing period of a ready-to-attack malware, criminals start distributing it widely through infected websites, spam and phishing. So far we have seen NukeBot versions which are ready to attack the customers of at least six banks located in France and the US, however this list of targets looks like only the beginning. The goal of our brief research is to warn the banking community and online banking customers about a potentially emerging threat. We urge interested parties to use the results of our research in order to protect themselves from this threat in advance,” said Sergey Yunakovsky, security expert at Kaspersky Lab.

 

“In 2016, the number of users attacked with malware targeting financial data increased about 30.55% over the previous year, bringing it to close to 1.1 Million attacks. While most of these attacks were mostly towards regular users, approximately 17.7% of the attacks also targeted corporate users. From our Financial Cyberthreats report for 2016, we found that users in Russia, Germany, Japan, India, Vietnam and the US are the ones most often attacked by banking malware. The trends show us that although professional cybercriminal groups have indeed shifted a lot of their attention to targeted attacks against large companies, regular users and smaller firms are still being targeted,” added Sylvia Ng, General Manager at Kaspersky Lab Southeast Asia.

 

For financial organizations providing online banking services:

 

Make sure you have an effective fraud prevention solution in place, so that you can quickly and accurately spot unauthorized use of customer accounts and irregular financial activity.

 

For customers of online banking services:

 

Use an Internet security solution with tailored technologies to protect financial transactions, like Kaspersky Lab’s Safe Money.

 

Regularly run a system scan to check for possible infections.

 

Kaspersky Lab products detect the malware as Trojan-Banker.Win32.TinyNuke.

 

To learn more about the ‘combat versions’ of NukeBot, read the blog post, available on Securelist.com


RECOMMENDED ARTICLE FOR TECHWORLD


 
31.8M Internet Threats Detected and Blocked in PH in 2018 According to Kaspersky Lab Report
Techworld Date Posted: 2 May 2019 10:05 AM | 242 Views
Recent data from Kaspersky Lab show that close to 32 million internet-borne threats were detected and blocked by Kaspersky Lab among its users in the Philippines in 2018, setting out a growth of over.... See More
 
31.8M Internet Threats Detected and Blocked in PH in 2018 According to Kaspersky Lab Report
Techworld Date Posted: 10:05 AM | 242 Views
Recent data from Kaspersky Lab show that close to 32 million internet-borne threats were detected and blocked by Kaspersky Lab among its users in the Philippines in 2018, setting out a growth of over...See More

 
Apacer Welcomes Intelligent Connectivity at the Recently Held COMPUTEX 2019
Techworld Date Posted: 6 June 2019 9:39 AM | 165 Views
Apacer, the global leader in industrial digital storage, introduced its new program entitled "Welcoming Intelligent Connectivity" at the recently held COMPUTEX 2019. This platform showcases a variety of vertical market packages and next-generation innovative.... See More
 
Apacer Welcomes Intelligent Connectivity at the Recently Held COMPUTEX 2019
Techworld Date Posted: 9:39 AM | 165 Views
Apacer, the global leader in industrial digital storage, introduced its new program entitled "Welcoming Intelligent Connectivity" at the recently held COMPUTEX 2019. This platform showcases a variety of vertical market packages and next-generation innovative...See More

 
ZooPark: New Android-Based Malware Campaign Spreading through Compromised Legitimate Websites
Techworld Date Posted: 16 May 2018 11:31 AM | 136 Views
Kaspersky Lab researchers have discovered ZooPark, a sophisticated cyberespionage campaign, which for several years has been targeting users of Android devices based in several Middle Eastern countries.. See More
 
ZooPark: New Android-Based Malware Campaign Spreading through Compromised Legitimate Websites
Techworld Date Posted: 11:31 AM | 136 Views
Kaspersky Lab researchers have discovered ZooPark, a sophisticated cyberespionage campaign, which for several years has been targeting users of Android devices based in several Middle Eastern countries.See More

 
PLDT Home, the Country’s No.1 Home Broadband, Launches its First Prepaid Broadband Service
Techworld Date Posted: 10 August 2018 2:52 PM | 1051 Views
  With the company’s vision of bringing world-class Internet to Filipino families, PLDT has launched its first ever PLDT Home Prepaid WiFi, an affordable service that makes it easier than ever for more families.... See More
 
PLDT Home, the Country’s No.1 Home Broadband, Launches its First Prepaid Broadband Service
Techworld Date Posted: 2:52 PM | 1051 Views
  With the company’s vision of bringing world-class Internet to Filipino families, PLDT has launched its first ever PLDT Home Prepaid WiFi, an affordable service that makes it easier than ever for more families...See More

 
The Shifting AI-Driven Threat Landscape
Techworld Date Posted: 18 February 2019 1:05 PM | 389 Views
As the modern threat landscape continues to expand, adding artificial intelligence (AI) to a security strategy has become paramount to establishing and maintaining an effective security posture.. See More
 
The Shifting AI-Driven Threat Landscape
Techworld Date Posted: 1:05 PM | 389 Views
As the modern threat landscape continues to expand, adding artificial intelligence (AI) to a security strategy has become paramount to establishing and maintaining an effective security posture.See More

 
Nokia 8 Flagship Android Smartphone Arrives in PH
Techworld Date Posted: 30 September 2017 11:39 AM | 17 Views
Ending weeks of anticipation, HMD Global unveils Nokia's new flagship smartphone, the Nokia 8, today at the Intramuros Ballroom, Manila House, Taguig.. See More
 
Nokia 8 Flagship Android Smartphone Arrives in PH
Techworld Date Posted: 11:39 AM | 17 Views
Ending weeks of anticipation, HMD Global unveils Nokia's new flagship smartphone, the Nokia 8, today at the Intramuros Ballroom, Manila House, Taguig.See More

 
Kaspersky Lab Warns of Dangers of ‘Balkanisation’ at Its 4th APAC Cyber Security Summit
Techworld Date Posted: 26 September 2018 4:00 PM | 425 Views
Kaspersky Lab presented the cybersecurity risks that can result from Balkanisation in cyberspace — the fragmentation of the world wide web, during its 4th Asia Pacific (APAC) Cyber Security Weekend in Siem Reap, Cambodia.. See More
 
Kaspersky Lab Warns of Dangers of ‘Balkanisation’ at Its 4th APAC Cyber Security Summit
Techworld Date Posted: 4:00 PM | 425 Views
Kaspersky Lab presented the cybersecurity risks that can result from Balkanisation in cyberspace — the fragmentation of the world wide web, during its 4th Asia Pacific (APAC) Cyber Security Weekend in Siem Reap, Cambodia.See More

Rhea Sanvictores
Edifier Unveils First Concept Store in PH
Techworld • By: Rhea Sanvictores | Date Posted: 7 December 2018 3:53 PM | 1759 Views
Premium audio solutions corporation Edifier has gone the extra mile in showcasing technological innovation and design elegance with the opening of its pioneer concept store in the Philippines. . See More
Rhea Sanvictores
Edifier Unveils First Concept Store in PH
Techworld • By: Rhea Sanvictores | Date Posted: 3:53 PM | 1759 Views
Premium audio solutions corporation Edifier has gone the extra mile in showcasing technological innovation and design elegance with the opening of its pioneer concept store in the Philippines. See More

 
11 Practical New Year’s Resolutions from Kaspersky Lab
Techworld Date Posted: 12 January 2019 2:49 PM | 200 Views
The global cybersecurity company recommended the practical resolutions below that will greatly help highly active netizens better manage their data and money on the internet.. See More
 
11 Practical New Year’s Resolutions from Kaspersky Lab
Techworld Date Posted: 2:49 PM | 200 Views
The global cybersecurity company recommended the practical resolutions below that will greatly help highly active netizens better manage their data and money on the internet.See More

 
ASUS Republic of Gamers Announces Rapture GT-AC5300
Techworld Date Posted: 29 August 2017 4:41 PM | 525 Views
Modern online games require close teamwork and precise control from players; even a second of unwanted network latency can lose a game. To date, most routers labeled as ‘gaming routers' are largely defined by.... See More
 
ASUS Republic of Gamers Announces Rapture GT-AC5300
Techworld Date Posted: 4:41 PM | 525 Views
Modern online games require close teamwork and precise control from players; even a second of unwanted network latency can lose a game. To date, most routers labeled as ‘gaming routers' are largely defined by...See More


Power by

Download Free AZ | Free Wordpress Themes