During the attack on the network of the German Bundestag last week, performed financial malware is used. This was reported by the German anti-virus company G Data that has studied the attack. At present it is not clear whether it is a new attack, or a continuation of the attacks in late May 2015 came to light.
According to the researchers there discovered the last attack of the Swatbanker banking Trojan used. This is a Trojan horse that is specifically designed to steal money from online bank accounts, although it can get other information. Research into the configuration files in the malware has made it clear that the administrators of the botnet Swatbanker between 8 and 10 June new filter functions have applied for the domain "bundestag.btg". This is the URL of the intranet of the Bundestag.
Once active malware can all data entered into forms, such as user names and passwords, as well as data from the browser to send the attackers. Swatbanker spreads through e-mails that appear to come from German banks and telecom providers."Looking at the first analyzes, it seems to be an attack with criminal intent. But we can not exclude other motives and the attackers have copied the behavior of criminals to disguise their true intentions," says Ralf Benzmüller , head of G Data Security Labs.
No comments:
Post a Comment