Mac-based banking malware strikes via email campaigns

A new banking malware program has been discovered stealing personal information and banking credentials on Mac computers.

Security firm Check Point identified the malware as its creators spread it through mass emailing campaigns. According to the company, it is the first “major scale” malware attack on OSX users via email.

Apple famously designed its computers to be resilient to viruses and malware, but exploits still occur. OSX-attacking viruses are usually distributed differently to their Windows counterparts – via websites rather than email.

This new strain, named OSX/Dok, gives the attacker access to all communications from the victim. The malware is designed to impersonate legitimate macOS system messages to trick the user into entering a password.

Once inside a system, OSX/Dok changes the Mac’s network settings to allow outgoing connections of the attacker’s choosing. Once this has been completed, it launches two routines that redirect all online communication through the criminal’s server. The crooks can then change what the victim sees online and swipe details on banking sites as they’re entered. Once its task is done, the malware is able to delete itself fully from the Mac’s files.
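Because the redirection depends on changed network settings, those settings are where a defender can look for it. The following is an added example, not code from the article or from Check Point: it assumes the change is visible as a system proxy setting, parses captured `scutil --proxy` output (the sample is constructed), and flags any enabled proxy whose host is not on a hypothetical allowlist.

```python
from urllib.parse import urlparse

# Constructed sample of `scutil --proxy` output (not taken from the article).
SAMPLE = """\
<dictionary> {
  ExceptionsList : <array> {
    0 : *.local
  }
  HTTPEnable : 0
  HTTPSEnable : 0
  ProxyAutoConfigEnable : 1
  ProxyAutoConfigURLString : http://203.0.113.10/proxy.pac
}
"""

# Hypothetical allowlist: proxy hosts the organisation actually operates.
APPROVED_PROXY_HOSTS = {"proxy.corp.example"}


def parse_scutil_proxy(text):
    """Return the top-level 'Key : value' pairs, skipping nested arrays."""
    settings, depth = {}, 0
    for line in text.splitlines():
        stripped = line.strip()
        if stripped.endswith("{"):
            depth += 1
        elif stripped == "}":
            depth -= 1
        elif depth == 1 and " : " in stripped:
            key, value = stripped.split(" : ", 1)
            settings[key] = value
    return settings


def find_unapproved_proxies(settings, approved=APPROVED_PROXY_HOSTS):
    """List enabled proxy settings whose host is not on the allowlist."""
    findings = []
    # Proxy auto-config: a single URL decides the route for all web traffic.
    if settings.get("ProxyAutoConfigEnable") == "1":
        url = settings.get("ProxyAutoConfigURLString", "")
        if (urlparse(url).hostname or "") not in approved:
            findings.append(("ProxyAutoConfig", url))
    # Manually configured per-protocol proxies.
    for proto in ("HTTP", "HTTPS", "SOCKS"):
        if settings.get(proto + "Enable") == "1":
            host = settings.get(proto + "Proxy", "")
            if host not in approved:
                port = settings.get(proto + "Port", "?")
                findings.append((proto, host + ":" + port))
    return findings
```

On a Mac, the input would come from running `scutil --proxy` and passing its output to `parse_scutil_proxy`.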

The malware appears to be mostly targeting European users. An example found by Check Point was aimed at a German target and implied there were inconsistencies with the victim’s tax returns.

PC gone mad

Millions of email users have been attacked by a new cybercrime campaign aiming to exploit a vulnerability in Microsoft Office. The backdoor was discovered by McAfee in April and, according to new research from security firm FireEye, criminals are already trying to take advantage.

Following the release of the source code of an unnamed Android banking Trojan earlier this year, hackers have also been developing tools to bypass Google Play Store’s security measures.

Banks are being targeted directly by the TrickBot trojan, which is using redirect attacks to attempt to siphon cash from FIs. So far, according to IBM research, it has done little to no damage.