400 Banks’ Customers Targeted with Anubis Trojan

2021-12-14 20:23

Customers of Chase, Wells Fargo, Bank of America and Capital One, along with nearly 400 other financial institutions, are being targeted by a malicious app disguised to look like the official account management platform for French telecom company Orange S.A. Researchers say this is just the beginning.

Once downloaded, the malware - a variant of banking trojan Anubis - steals the user's personal data to rip them off, researchers at Lookout warned in a new report.

It's not just customers of big banks at risk, the researchers added: Virtual payment platforms and crypto wallets are also being targeted.

First identified in 2016, Anubis is widely available on underground forums as open-source code along with instructions for aspiring banking trojan cybercriminals, the report explained.

In this latest iteration of Anubis code, the basic banking trojan has added a credential stealer to the mix, Lookout pointed out, meaning that logins for cloud-based platforms like Microsoft 365 are also at risk of compromise.

"While we can't be certain whether the app has been used in a successful attack, we do know they are targeting U.S. banks including Bank of America, U.S. Bank, Capital One, Chase, SunTrust and Wells Fargo," Balaam said.

News URL

https://threatpost.com/400-banks-targeted-anubis-trojan/177038/

#bank #trojan