The malware listens for the target URL from the list (of financial institutions) and, once it encounters a trigger, executes a designated webinjection. The webinjection sends the victim to a fake bank site set up in advance to match the one originally requested,” researchers wrote.
It performs a smart trick:
To thwart detection by the end user, the malware redirects traffic at the same time keeping the bank’s correct URL in the address bar. That live connection also means the bank’s correct SSL certificate always shows
For More
https://threatpost.com/new-icedid-trojan-targets-us-banks/128851/
No comments:
Post a Comment