GootKit Malvertising Brings Redirection Attacks to Italian Banks

Earlier in May, I reported that GootKit had launched redirection attacks for the first time. The malware prepared for its new modus operandi in the U.K., targeting major banks there with this advanced browsing manipulation attack. I also predicted that this was just a test and that we’re about to see more.

That prediction has come true. GootKit officially expanded the redirection attacks to six major banks in Italy, additionally targeting one of the local digital banking platform providers.

Is It the Italian Pizza?

Why Italy? Although GootKit is mostly focused on the U.K., it is active in Italy, Spain and France as well. The bulk of GootKit attacks actually focus on these few countries, which is also what keeps it relatively limited in its global ranking among the top most active banking Trojan families.

See the statistics and read the rest of this post here.