Cybercriminals stay under the radar for extended periods of time to execute malware such as banking Trojans, forcing organizations to reassess their security tools, according to a report from Damballa.

In its "State of Infections Report," the Atlanta-based network security monitoring firm highlighted how criminals spread malware called Pony Loader, which has been around for years. Its operators follow a structured routine of consistently creating new domains and establishing new infrastructure, which keeps it from being detected by most security products.

In addition to moving infrastructure, the criminals behind Pony Loader also change the malware itself. In May 2015, the Pony configuration unleashed Dyre, a banking Trojan. In September, it downloaded Vawtrak, another banking Trojan. On Dec. 2, Nymaim, a form of ransomware, replaced Vawtrak, and on Dec. 14 the configuration switched back to Vawtrak.


© 2024 ALM Global, LLC, All Rights Reserved.

Roy Urrico

Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S. Interior Department, National Park Service and Warren County (N.Y.).