Gozi took a larger slice of the financial malware pie and become the most active banking Trojan in 2017, according to the IBM X-Force Threat Intelligence Index 2018.
Global cybercrime actors test their malware in small settings before launching internationally, leaving trails of clues to tip off astute security teams.
After an eight-month period of dormancy, the Ramnit Trojan has resurfaced to attack the customers of six major banks in the U.K.
The Ramnit banking Trojan and botnet was previously taken down by law enforcement, but it appears to have re-emerged as a threat across the world.
Trusteer's security team has recently identified a new malware variant in a Russian cyber crime forum known as the i2Ninja malware.
If fraudsters can't deceive users, their business fails. Malware now requires perfectionism and hackers are beefing up their social engineering tactics.
Over time, the Ramnit worm has morphed into a financial malware — or is at least being used as a platform to commit financial fraud.