Banking Trojan ‘Ursnif’ Has Gone Out of Control in Italy
2 min read- Ursnif is targeting 100 banks and financial institutes in Italy and has stolen thousands of credentials.
- The particular banking trojan is a classic choice for cybercriminals and has been for over a decade now.
- It usually arrives via loaders that are fetched through macros hiding in document attachments.
The Ursnif banking trojan appears to have gone rampant in Italy, as Avast Threat Labs researchers claim that they hold evidence of over 100 banks in Italy having some level of compromise or targeting. Reportedly, the malicious actors behind Ursnif have managed to steal over 1,700 credentials belonging to just one of the compromised payment processors, so the total damage is thought to be on a manifold scale. And to make matters worse, in the vast majority of the cases, the compromised individuals don’t realize the damage before it’s already too late.
Avast has collected and analyzed information which includes victim usernames, passwords, credit card details, banking information, and payment information. This data is stolen by Ursnif in relevant campaigns, which are oftentimes localized. The things that the particular malware can do include the following:
- Exfiltrate computer data, computer name, system local, operating system (OS) version, and running processes.
- Exfiltrate user credentials, financial and banking information.
- Record keystrokes and take screenshots from the user’s monitor.
- Communicate with the C2 server to fetch additional malware components.
- Execute backdoor commands remotely.
What’s so interesting about Ursnif is that it is one of the oldest banking trojans out there, and yet it remains a serious menace. It first appeared in the wild in 2007 and evolved greatly in the years that followed. The enrichment of its functionality kept it alive and popular in the underground cybercrime community, and in 2015, its source code leaked. This turned the malware into a commodity tool, as everyone could grab the code and fork it to create something specialized and, most importantly, free.
The researchers at Avast have gathered all the information they could for the recent attack wave in Italy and shared it with the law enforcement authorities in the country, as well as with CERT Finanziario Italiano. Hopefully, they will act as a point of contact and a coordination force for the local financial sector to identify the signs of compromise and manage the threat effectively.
To stay safe from the Ursnif threat, do not open attachments that arrive via unsolicited emails that urgently call for your attention. Also, keep your system and software up to date, and use a complete internet security solution from a reputable vendor. Finally, keep the macros on your Office suite disabled unless you really need them for your work. If a strange file asks you to “enable content” to view it, don’t do it.
top rated canadian online pharmacy
buy amoxicillin 500mg online: generic amoxil – amoxicillin 50 mg tablets
single chat line free
personals free
canadian online pharmacies
can you buy diflucan without a prescription: cheap diflucan – buy diflucan
cialis vs viagra
buy amoxicillin 500mg: amoxicillin 30 capsules price – amoxicillin 500mg buy online uk
is viagra over the counter: non prescription viagra buying viagra online without prescription
viagra coupons: buy viagra online without prescription viagra online no prescription
best male erectile dysfunction pill: https://edpillsonline24.com/# red erectile dysfunction pill
viagra pills: https://edpillsonline24.com/# viagra pills
best male erectile dysfunction pill: https://edpillsonline24.com/# viagra pills online
meds from india: overseas pharmacies shipping to usa prescriptions from india
indian online pharmacies review: cheap online pharmacies from india buy prescriptions from india pharmacy
buy minomycin: generic bactrim
generic cipro
http://zithromaxproff.com/# zithromax cost uk
zithromax 1000 mg online