Banking Trojans: What Financial Services Institutions Need to Know and How to Stay Protected
Fewer than 100 years ago, people had to physically walk to the bank to pay their bills and had no choice but to carry around loose change. Thanks to innovations in technology, banking services have come a long way since then. Consumers today can conduct almost all of their banking activities from computers or mobile devices, either at home or on the go. For example, in 2017, 60% of banking customers used mobile banking to manage their money.
While these new methods have made banking more convenient and efficient, they also give cyber criminals new attack vectors against financial services institutions and their customers worldwide.
Dridex Banking Trojan
Research released by the Infoblox Cyber Intelligence Unit confirms that banking trojans continue to be prolific and are on the rise. The team recently investigated an email campaign distributing a banking trojan named Dridex, disguised as coming from eFax - a global leader in online fax services. The Dridex banking Trojan is being deployed in a new phishing campaign which combines the malware with a remote access tool for the purpose of credential and information theft.
Via a fake email from eFax registered with fraudulent domains (.club, .host, .site, etc.), this trojan requested bank statements and financial information that would lead email recipients to enter online banking credentials. Hackers were then able to access and steal funds from the victims’ bank accounts.
The URL from the malicious attachment dropped a Dridex binary and then connected to its command and control (C2) server.
Banking Trojans: What Financial Services Need to Know
Many financial services institutions across the globe are undergoing digital transformations. Some are more mature than others and many are known for being early adopters to cybersecurity technology. However, while they’ve been quick to adopt cybersecurity infrastructure, they are still experiencing (or will experience) rapidly evolving banking trends that will continue to impact their banking operations and customers.
Banking trojans that leverage false domains and C&C servers that interfere with web traffic via the cloud will continue to be a problem for the industry and their customers as online banking continues and new mobile services are introduced. Banking customers are accustomed to online banking and often eager to try new mobile features and apps while also having difficulty identifying phishing and other emails. This can have devastating impact on consumers, business, and governments when their credential are stolen and accounts compromised.
While consumers need to be wary of suspicious emails requesting bank information, financial services institutions should also continue to to ensure they have adequate cybersecurity infrastructure in place to prevent and detect attacks.
With a next-level cybersecurity solution that provides reliable and automated services for on-premise and the cloud, financial services organizations can better protect their customers and their incredibly sensitive data. This type of network security can help stop the exposure to malicious domains and networks which enable cybercriminals to steal financial information.
Click here to learn more about how Infoblox protects financial services organizations visit: