Wapack Labs assesses, with medium confidence, that Australian malware authors (medium confidence) have released a new banking Trojan. This Trojan performs real time web-injections and redirection attacks on its victims. It currently enjoys low and generic detection by intrusion prevention systems. Analysts at IBM report to have followed the Trojan during its testing cycles3. It now has moved out of the testing phase and is actively defrauding banks and consumers. If it becomes as virulent (as did its' predecessors), it will likely spread to the US by the second quarter of 2017...READ MOREPublication Date: 23 December 2016
Handling Requirements: Traffic light protocol (TLP) AMBER.
Attribution/Threat Actors: Australian Malware Authors
Actor Type: Adversary capabilities have been assessed as TIER III.
Industries Targeted: Financial
Past Reporting: Red Sky Alliance: DOC-2301, DOC-2522, DOC-3456, Message #7963
The full report may be viewed in the Red Sky Alliance as DOC-4566.
Contact Wapack Labs for more information.