Data-stealing Qadars Trojan malware takes aim at 18 UK banks

Data-stealing Qadars Trojan malware takes aim at 18 UK banks

Data-stealing Qadars Trojan malware takes aim at 18 UK banks

A three-year-old banking Trojan, believed to be the work of experienced and organised Russian cybercriminals, has now turned its attention to UK banks.

The Qadars Trojan has been active since 2013. Using several different versions, the malware has targeted banks in different regions, beginning with France and the Netherlands during 2013 and 2014, then Australia, Canada, the United States, and the Netherlands during 2015 and 2016.

Now, cybersecurity researchers at IBM X-Force Research -- who last month spotted malware attacking Brazilian banks ahead of the Olympics -- have observed the launch of a fresh version of Qadars and a new infection campaign.

This time, the malware campaign is targeting 18 banks in the UK -- which haven't been named for security reasons -- as well as financial institutions in Germany, Poland, and once again, the Netherlands. UK banks have recently also been targeted by a separate data-stealing Dridex malware campaign.

Qadars historically infects end-points using exploit kits found on compromised hosts, or on domains purchased for the purpose of serving malware. It has also been known to employ botnets, using downloader-type malware to infect victims.

Read Also:
Medical devices: Many benefits, but many insecurities

Qadars uses social engineering to help take control of systems and undertake full-scale theft of data, including information from the two-factor authentication systems used by many online banking services. The Trojan is also capable of monitoring all user activity on a device and hijacking text messaging on the victim's mobile phone.

While Qadars predominantly focuses on stealing bank data, it also targets Facebook users, online sports betting users, e-commerce, and others.

 



Data Innovation Summit 2017

30
Mar
2017
Data Innovation Summit 2017

30% off with code 7wData

Read Also:
The $4 trillion question: How can we protect online privacy without stifling innovation?

Big Data Innovation Summit London

30
Mar
2017
Big Data Innovation Summit London

$200 off with code DATA200

Read Also:
Evaluating business intelligence in the cloud

Enterprise Data World 2017

2
Apr
2017
Enterprise Data World 2017

$200 off with code 7WDATA

Read Also:
The Potential for Blockchain to Transform Electronic Health Records

Data Visualisation Summit San Francisco

19
Apr
2017
Data Visualisation Summit San Francisco

$200 off with code DATA200

Read Also:
Evaluating business intelligence in the cloud
Read Also:
The rise of self-learning software

Chief Analytics Officer Europe

25
Apr
2017
Chief Analytics Officer Europe

15% off with code 7WDCAO17

Read Also:
Data enrichment records for 200 million people up for sale on the Darknet

Leave a Reply

Your email address will not be published. Required fields are marked *