Nukebot, the virus that threatens online banking

Nukebot, the virus that threatens online banking

This new Trojan is designed to infect the websites of banks and financial organizations

  NukeBot is a new banking Trojan designed to steal credentials of online banking customers. Although the appearance of a family of malware is not unusual, the fact that criminals have a version of the Trojan ready to attack means that they can start a malicious campaign on a large scale.

About 5% of all samples found by Kaspersky Lab are new attack versions of NukeBot, with improved source codes and attack capabilities. Among other things, these versions contain parts of the user interface of real online banking services. The analysis of these injections leads the Kaspersky Lab experts to think that the main objectives of the new version of NukeBot are the users of French and American banks.

   After the infection, the virus "injects" malicious code into the website of the online banking service and then steals user data, falsifies their credentials and more.

According to experts, there are already a series of samples of this Trojan compiled in hacking forums. Most are malicious, non-operational drafts; But the company's experts have managed to identify some that represent a real threat.

"Although the cybercriminals who are behind the recent versions of this malware are not currently actively distributing NukeBot, this will probably change soon. We have seen this before, with other malware families: after a short trial period of malicious software, ready for the attack, the cybercriminals begin to distribute it massively through infected websites, spam and phishing, "explains Sergey Yunakovsky, security expert at Kaspersky Lab.