Gozi took a larger slice of the financial malware pie and become the most active banking Trojan in 2017, according to the IBM X-Force Threat Intelligence Index 2018.
As security tools improve, malicious actors are increasingly operating as organized cybergangs and less sophisticated actors are falling behind, according to X-Force analysis of malware trends.
IBM X-Force researchers reported that the TrickBot banking Trojan added new attack capabilities designed to target savings banks in Germany.
GozNym continued its trip around Europe by launching redirection attacks against 13 German banks. The volume of these attacks has spiked in recent months.
IBM X-Force researchers recognized that the GozNym banking malware leverages features from two types of malware to make it double the threat.
IBM X-Force researchers recently reported that the GozNym banking malware is executing redirection attacks on banks in the U.S.
The GozNym banking Trojan has pivoted its focus from targeting North American institutions to launching redirection attacks in Europe.
The new GozNym hybrid takes the best of both the Nymaim and Gozi ISFB malware to create a powerful Trojan targeting banks in the U.S. and Canada.