1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Rovnix malware shifts focus to Japan, says IBM

Discussion in 'CSO' started by RSS, Jan 12, 2016.

  1. RSS

    RSS New Member Member

    After a stint focusing on the Netherlands, a group using the Rovnix Trojan has updated it and repackaged it to steal from the bank accounts of victims in Japan, according to IBM X-Force.

    The malware in this exploit, which has persisted in various forms for about five years, has been augmented to avoid being detected, dodge bank security and convincingly mimic bank websites, says Etay Maor, a senior cybersecurity strategist for IBM.

    It’s pretty clear from the malware samples IBM X-Force has examined that the Rovnix group in question studied Japanese banks closely and came up with a user interface that closely mimics those of specific banking sites. It’s not just a generic key-logger that steals information and hopes for the best, Maor says.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page