Panda Is One Hungry Bear! A Heavyweight Banking Trojan Rolls Into Brazil
IBM X-Force Research observed that Panda, also known as Panda Banker, a
relatively new Zeus Trojan variant that started targeting banks in Europe and
North America early this year, has now spread to Brazil.
According to IBM X-Force Research, Panda now targets 10 local bank brands and
multiple payment platforms right as Brazil prepares to host a global sporting
event.
Commercialized Malice
As its name suggests, Zeus Panda is yet another
Zeus v2 Trojan iteration built upon the same source code leaked in 2011 — one
that evidently keeps enabling the delivery of more commercial banking Trojans
into the world.
IBM X-Force Research believes that Zeus Panda is
being peddled via Dark Web underground boards by the developer who put it
together. It is sold in cybercrime-as-a-service packages to other
cybercriminals.
Panda Arrives in Brazil
IBM X-Force Research has been detecting Zeus Panda
variants since Q1 2016. At first, botnets spreading and attacking users with
this malware primarily targeted banks in Europe and North America, focusing on
the U.K., Germany, the Netherlands, Poland, Canada, the U.S. and others. While
Panda configurations focus on targeting personal online banking services, they
are rather diverse. Other targets include online payments, prepaid cards,
airline loyalty programs and online betting accounts, to name a few.
Panda is clearly one hungry bear. The malware
continues to spread to new geographies and is now targeting users in Brazil.
First appearing in Brazil in July 2016, the related Panda variant likely has
links to a locally operated, professional cybercrime faction. The variants
fetched a new Brazil-focused configuration, which was set up to steal
credentials from users of 10 major bank brands in the country, as well as those
of bitcoin exchange platforms, payment card services and online payments
providers, among others, per X-Force findings.
This blog was part of my work with IBM X-Force. Read
the complete post here.