Tsukuba: Banking Trojan Phishing in Japanese Waters

Named after Japan’s science city, Tsukuba is a recent financial malware discovery made by IBM Security Trusteer researchers. It unearths the malicious activity of a new banking Trojan in the global cybercrime arena that is highly focused and exclusive to Japanese financial institutions.

Technically speaking, Tsukuba is no more sophisticated than run-of-the-mill proxy changers, which are typical attack tools used in Brazil and the surrounding region. Although it may not be very advanced in its technical capabilities, it makes up for it through its most recent social engineering technique, which is how it harvests victims’ online banking credentials, personally identifiable information (PII) and even clear images of official identification documents.

With the information Tsukuba can collect from infected endpoint owners, the gang operating this Trojan can monetize the data in numerous identity theft and online fraud scenarios to rob bank accounts, credit cards, online loans, e-wallets and more.

What makes Tsukuba all the more potent, however, is the fact that banking customers in Japan are less accustomed to seeing Trojan attacks in their region than those in English-speaking countries. The language barrier — one factor that has protected some companies from fraud — has also served to keep their general population more naïve to it and, therefore, less suspecting of Tsukuba’s unique methods.

Read this article here