January 30, 2017 By Mark Samuels

Researchers have found another threat that users have to worry about. Security firm Cyren recently discovered a wave of fake emails sent to finance customers containing banking malware that uses keylogging techniques to collect sensitive information.

Banking Malware Spread Through Phishing

The malware takes the form of a keylogger, which is sent as an attachment in a fake email. The email subject normally includes a false payment update or notification of an online wire transfer.

According to Cyren, the fake emails originate mainly from bots based in the U.S. and Singapore. The attackers design the emails to look as if they are associated with major financial institutions.

Victims are encouraged to open the email attachment for information about their payments. Although the file resembles a PDF, it is actually an executable that launches the banking malware.
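A mail filter can catch the disguise described above by comparing what an attachment claims to be with its leading bytes. The following is an added example, not code from Cyren or from the original article; the message, addresses and file names are constructed, and the function names are hypothetical.

```python
import email
from email import policy
from email.message import EmailMessage
from pathlib import PurePosixPath

PDF_MAGIC = b"%PDF-"   # every PDF file starts with this marker
PE_MAGIC = b"MZ"       # DOS/PE header of Windows executables
EXEC_EXTS = {".exe", ".scr", ".com", ".pif"}

def classify(data: bytes) -> str:
    """Identify content by its leading bytes, ignoring name and MIME type."""
    if data.startswith(PDF_MAGIC):
        return "pdf"
    if data.startswith(PE_MAGIC):
        return "pe"
    return "unknown"

def suspicious_attachments(raw: bytes):
    """Return (filename, reason) for attachments posing as PDF documents."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        suffixes = [s.lower() for s in PurePosixPath(name).suffixes]
        claims_pdf = ".pdf" in suffixes or part.get_content_type() == "application/pdf"
        if suffixes and suffixes[-1] in EXEC_EXTS and ".pdf" in suffixes[:-1]:
            findings.append((name, "double extension hides executable"))
        elif claims_pdf and classify(data) == "pe":
            findings.append((name, "PDF name or type, executable content"))
    return findings

def build_sample() -> bytes:
    """Constructed message: one disguised PE, one real PDF, one double extension."""
    msg = EmailMessage()
    msg["Subject"] = "Online wire transfer notification"  # constructed
    msg["From"] = "billing@bank.example"
    msg["To"] = "user@corp.example"
    msg.set_content("See attached payment details.")
    pe_stub = b"MZ\x90\x00" + b"\x00" * 60  # header bytes only, not a program
    msg.add_attachment(pe_stub, maintype="application", subtype="pdf",
                       filename="payment_update.pdf")
    msg.add_attachment(b"%PDF-1.4\n%%EOF\n", maintype="application",
                       subtype="pdf", filename="statement.pdf")
    msg.add_attachment(pe_stub, maintype="application",
                       subtype="octet-stream", filename="invoice.pdf.exe")
    return msg.as_bytes()

if __name__ == "__main__":
    for name, reason in suspicious_attachments(build_sample()):
        print(f"{name}: {reason}")
```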

What’s the Impact?

Cyren researchers reported that the activated program creates a file in the startup folder in Microsoft Windows. The script runs and executes the malware each time a user restarts or logs in on an infected PC.

The malware searches compromised machines for sensitive data, including passwords, usernames and cookies associated with web browsing. It also seeks out cryptocurrency wallets, according to Banking Technology. Potential currencies at risk include bitcoin, bytecoin, devcoin and quarkcoin.

Cyren noted that the malware creates hooks for both the keyboard and mouse, meaning it records everything a user types and each movement of the mouse.

What Should Users Do Now?

Softpedia advised users to be especially wary of emails containing payment information they are not expecting to receive. This particular attack follows similar threats to other platforms and services. Last week, in fact, researchers reported that leaked source code could lead to even more banking Trojan attacks.

According to a Kaspersky Lab study, the number of users affected by financial malware rose by more than 22 percent in the fourth quarter of 2016, ITWeb reported. Users and IT managers must be aware that banking malware represents an ever-growing threat and utilize security best practices accordingly.
