Sinowal and Zbot Trojan collaborate in new attack
Posted on 14.11.2013
Trend Micro researchers have recently come across an interesting example of malware collaboration involving the Zeus banking Trojan and a new variant of the password-stealing Sinowal Trojan.


The double-headed attack starts with an email carrying an attachment. Inside is the Andromeda backdoor which, among other things, also functions as a dropper. Once downloaded and run, it drops variants of the two aforementioned Tojans on the computer.

Zeus is well-known for its Man-in-the-Browser attacks, and this Sinowal variant aims to make its job easier by attempting to disable Trusteer’s Rapport software if present on the computer.

“Rapport is software that protects users from phishing and man-in-the-browser attacks. It is frequently provided to users by their banks to improve their security,” the researchers explained. “If the attacker succeeded in disabling Rapport, users would be more vulnerable to man-in-the-browser attacks, which are frequently used by banking malware.”

According to Trusteer sources, this new Sinowal variant is ineffective, but this example shows how attackers are always on the lookout for new schemes and approaches.









Spotlight

Using Hollywood to improve your security program

Posted on 29 July 2014.  |  Tripwire CTO Dwayne Melancon spends a lot of time on airplanes, and ends up watching a lot of movies. Some of his favorite movies are adventures, spy stuff, and cunning heist movies. A lot of these movies provide great lessons that we can apply to information security.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Jul 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //