Kaspersky has discovered a fresh ZeuS malware strain which has targeted financial institutions worldwide. The company says the banking trojan’s latest form has targeted a total of 150 different banks and 20 payment systems worldwide; focusing on the infiltration of online banking. In total, 15 countries have been attacked, including the United Kingdom, United States, Spain, Russia, Japan and Italy. ZeuS is a nasty form of malware which has been tailored for different cyberattacks. Banks have been a major target of the malicious code.
The security firm dubbed the new ZeuS strain Trojan-Banker.Win32.Chthonic, and reported its findings in a blog post Thursday. ZeuS is a nasty form of malware which has been tailored for different cyberattacks. Banks have been a major target of the malicious code, but ZeuS has also been discovered in phishing campaigns and attacks focused on Salesforce.com accounts. The strain appears to be an evolution of ZeuS, and while Chthonic uses a new technique for loading modules, the malware uses the same encryptor as Andromeda bots, the same encryption as ZeuS trojans, and a virtual machine similar to that used in both ZeuS and KINS malware. Chthonic, which impacts Windows machines, has been discovered in emails containing exploits hidden within RTF documents. Once the document is opened, the malware is downloaded to victim machines using the Andromeda bot, which then injects code into the msiexec.exe process.