Security News > 2024 > April > Visa warns of new JSOutProx malware variant targeting financial orgs
Visa is warning about a spike in detections for a new version of the JsOutProx malware targeting financial institutions and their customers.
In a security alert from Visa's Payment Fraud Disruption unit seen by BleepingComputer and sent to card issuers, processors, and acquirers, Visa says they became aware of a new phishing campaign distributing the remote access trojan on March 27, 2024.
"While PFD could not confirm the ultimate goal of the recently identified malware campaign, this eCrime group may have previously targeted financial institutions to conduct fraudulent activity," reads the Visa alert seen by BleepingComputer.
A related report by Resecurity dives deeper into the JSOutProx phishing operation details, explaining that the malware has evolved its latest version for better evasion and now uses GitLab to host its payloads.
New Bifrost malware for Linux mimics VMware domain for evasion.
New Qbot malware variant uses fake Adobe installer popup for evasion.