Thursday, January 27, 2022

New Malware ‘Eurograbber’ steals 36 million Euros from Banks

Researchers claim they’ve discovered a malware attack that enabled attackers to steal more than 36 million euros from more than 30,000 online banking customers in Europe.

This new malware called the “Eurograbber,” infected users’ PCs with a new edition of the Zeus Trojan, and then convinced them to download malware to their cell phones, defeating the purpose of 2-step authentication, reported researchers at security vendor Check Point Software and Versafe, an online fraud prevention vendor.

“It was a targeted, multistage, sophisticated attack that used two different Trojans to infect both the online banking system and the user’s phone,” says Darrell Burkey, director of IPS at Check Point. “It broke through both the first factor of authentication on the banking system and the second factor of authentication, which in Europe is often an SMS-based cell phone.”

The attack was advanced in that it infected the banking system first and then sent out a phishing message to customers, telling them to update the online banking software on their cell phones.

The update messages seemed to come directly from the affected bank, and a substantial percentage of clients fell for the trick and downloaded the Zitmo-based malicious software to their phones, the researchers say.


About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Exploit Kit activity on a steep decline since April

As malware writers are moving to Neutrino and RIG exploit kits (EK) for dispersal needs, security experts …