Malware with the specific intent of targeting bank account information is commonly referred to as a banking Trojan. These Trojans are operated by gangs of cybercriminals that are becoming increasingly innovative, evolving the malware with new iterations of code and expanding their geographies.
2015 saw a major milestone as Zeus, which has led in the banking Trojan arena for years, fell from first place to fourth behind the Trojan known as Dyre. Dyre has rapidly and aggressively evolved since it first arose in 2014, with constant updates designed to evade detection by antivirus and static security mechanisms. These quick changes and feature-rich capabilities have no doubt contributed to its rise to the No. 1 spot.
Despite Dyre’s rapid climb to the top, IBM data shows a massive drop in activity in the Dyre Trojan starting in November 2015, and recent reports suggested that authorities may have intervened.
Some additional findings and dynamics at play in the banking Trojan war include:
- Dyre attacks increased 19 percent, catapulting it to first place from sixth. Zeus fell a precipitous 23 percent to land in fourth.
- Neverquest held its No. 2 spot year-over-year, while Bugat moved into third and Shylock dropped from third all the way out of the top 10.
- IBM discovered two new Trojans targeting Japanese financial institutions, Tsukuba and Shifu, plus a new variant of Rovnix.
- IBM also identified a malware to watch in the Tinba Trojan at No. 6, which was not in the top 10 in 2014. This Trojan was the first of its kind dedicated to Romanian banks.
Comments
Post a Comment