Well Known Banking Malware Zeus Bot is well known . In Mid 2014 , US and European agencies worked along with security firms to stop the spread of Gameover Zeus botnet and managed to control servers that were involved with CRYPTOLOCKER Ransom ware . CryptoLcker is a well known ransomware that encrypts the system files and demands ransom in exchange of the decryption key .
ZEUS and Crytolocker are most known and widely spread malware that steal the Financial Data . These malware have lots of variants too that are on a Roll of spread and AV industries are facing a hard time Detecting them . Trend Micro seems to have more than 2000 detection for the Zeus family alone . In this post we bring you a list of Most Dangerous Malware that can Empty Your Bank Accounts and steal your financial data .
Zbot/Zeus
Zeus Banking Trojan , also known as Zbot, is a notorious Trojan which infects Windows users and tries to retrieve confidential information from the infected computers. Once it is installed, it also tries to download configuration files and updates from the Internet. The Zeus files are created and customized using a Trojan-building toolkit, which is available online for cyber criminals.
Zeus has been created to steal private data from the infected systems, such as system information, passwords, banking credentials or other financial details and it can be customized to gather banking details in specific countries and by using various methods. Using the retrieved information, cyber criminals log into banking accounts and make unauthorized money transfers through a complex network of computers.
SpyEye
Spyeye also belongs to the Zeus malware Family .SpyEye is a data-stealing malware (similar to Zeus) created to steal money from online bank accounts. This malicious software is capable of stealing bank account credentials, social security numbers and financial information that could be used to empty bank accounts.
This banking Trojan contains a keylogger that tries to retrieve login credentials for online bank account. The attack toolkit is popular among cybercriminals because it can be customized to attack specific institutions or target certain financial data .
Ice IX
Ice IX is a modified variant of Zeus, the infamous banking Trojan, one of the most sophisticated pieces of financial malware out there.
This modified variant is used by cybercriminals with the same malicious purpose of stealing personal and financial information, such as credentials or passwords for the e-mail or the online bank accounts.
Like Zeus, Ice IX can control the displayed content in a browser used for online banking websites. The injected web forms are used to extract banking credentials and other private security information.
Citadel
Citadel appeared after the source code of the infamous Zeus leaked in 2011. Due to its open source character, the software code has been reviewed and improved by IT criminals for various malware attacks.
Carberp
Carberp is a Trojan designed to give attackers the ability to steal private information from online banking platforms accessed by the infected PCs.
This Trojan’s behavior is similar to the other financial malware in the Zeus family and displays stealth abilities from antimalware applications. Carberp is able to steal sensitive data from infected machines and download new data from command-and-control servers.
This Trojan is one of the most widely spread financial stealing malware in Russia. Primarily targeting banking systems and companies which perform a high number of financial transactions, Carberp is not only injecting a code into web pages, but it also tries to exploit several vulnerabilities in the target system so as to escalate to administrative privileges.
Bugat
Bugat is another banking Trojan, with similar capabilities to Zeus – the notorious data-stealing Trojan – which is used by IT criminals to steal financial credentials.
Bugat targets an infected user’s browsing activity and harvests information during online banking sessions. It can upload files from an infected computer, download and execute a list of running processes or steal FTP credentials.
Bugat communicates with a command and control server from where it receives instructions and updates to the list of financial websites it targets.
Shylock
Shylock is a banking malware, designed to retrieve user’s banking credentials for fraudulent purposes.
As soon as it is installed, Shylock communicates with the remote Command and Control servers controlled by the cybercriminals, sending and receiving data to and from the infected PCs.
Torpig
Torpig is a sophisticated type of malware program designed to harvest sensitive information, such as bank account and credit card information from its victims.
The Torpig botnet – the network of compromised PCs – which are under the control of cybercriminals are the main means for sending spam e-mails or stealing private information or credentials for the online bank accounts. Torpig also uses a DGA (domain generation algorithm) to generate a list of domains names and locate the Command and Control servers used by hackers.
CryptoLocker
This malware encrypts your data and displays a message which states that your private information can be decrypted for a sum of money in a limited period of time. Though CryptoLocker can be removed by various security solutions, there isn’t any way yet to decrypt the locked files.
CryptoLocker is one of the nastiest pieces of malware ever created. It’s not just because it takes money from you or because it can access your private data, but once it manages to encrypt your information, there is no way for you to decrypt those files. This ransomware is so dangerous because the affected users have their private information disclosed (and taken advantage from) and they also lose the files without having any chance of recovering them.
CryptoLocker is a ransomware Trojan which can infect your system in different ways, but usually this happens through the means of an apparently legitimate e-mail attachment, from a well-known company or institution. Because it spreads through e-mail attachments, this ransomware is known to target companies and institutions through phishing attacks.
Leave a Reply