Stories
Slash Boxes
Comments

SoylentNews is people

Submission Preview

Link to Story

Zeus Panda Goes To The Olympics

Accepted submission by fork(2) at 2016-08-04 19:58:13
Security

fork(2) [soylentnews.org] writes:

      Zika and sewage. What else could you ask for at the Olympics? How about a toxic banking trojan? From Security Intelligence [securityintelligence.com]:

IBM X-Force Research observed that a relatively new Zeus Trojan variant known as Panda, or Panda Banker, that started targeting banks in Europe and North America early this year has now spread to Brazil. According to IBM X-Force Research, Panda now targets 10 local bank brands and multiple payment platforms right as Brazil prepares to host a global sporting event.

      [...]

      IBM X-Force Research has been detecting Zeus Panda variants since Q1 2016. At first, botnets spreading and attacking users with this malware primarily targeted banks in Europe and North America, focusing on the U.K., Germany, the Netherlands, Poland, Canada, the U.S. and others. While Panda configurations focus on targeting personal online banking services, they are rather diverse. Other targets include online payments, prepaid cards, airline loyalty programs and online betting accounts, to name a few.

      Panda is clearly one hungry bear. The malware continues to spread to new geographies and is now targeting users in Brazil. First appearing in Brazil in July 2016, the related Panda variant likely has links to a locally operated, professional cybercrime faction. The variants fetched a new Brazil-focused configuration, which was set up to steal credentials from users of 10 major bank brands in the country, as well as those of bitcoin exchange platforms, payment card services and online payments providers, among others, per X-Force findings.

      [...]

      Zeus Panda's Brazilian configuration file has a notable local hue. Aside from including the URLs of major banks in the country, Panda's operators are also interested in infecting users who access delivery services for a Brazilian supermarket chain, local law enforcement websites, local network security hardware vendors, Boleto payments and a loyalty program specific to Brazil-based commerce. Other targets include customer logins to a company that offers ATM management services and secure physical access technology for banks.

      TechCrunch [techcrunch.com] says, "IBM notes that while the software behind Zeus Panda isn't particularly new, nor is the cybercrime scene in Brazil particularly advanced -- so Panda may be as a wolf (or rather bear) among lambs."

Original Submission