This article has been indexed from E Hacking News – Latest Hacker News and IT Security News
Researchers at Trend Micro discovered a new social engineering-based malvertising campaign targeting Japanese users with a malicious application disguised as a free porn game, a reward points application, or a video streaming app.
The malicious application uses a sideloading methodology to show the victim arbitrary web pages and ultimately deploy the Cinobi banking trojan. Researchers say that the malvertising campaign shares much in common with the Cinobi banking trojan they identified last year, but consider it to be a rebranded version of it. The campaign’s configuration remained the same, except that it targets a list of cryptocurrency exchange websites in Japan.
Last year, researchers at Trend Micro unearthed a new banking trojan which was dubbed as Cinobi Banking Trojan. The banking malware was a part of a campaign called “Operation Overtrap”. The campaign was operated by a malicious group known as “Water Kappa”. The malicious group has deployed the trojan in two ways: either via spam or making use of the Bottle exploit kit that contained CVE-2020-1380 and CVE-2021-26411 (2 Internet Explorer exploits). Interestingly, only Internet Explorer users were targeted through these malvertising attacks.
Throughout 2020 and the first half of 2021, researchers noticed limited activity from the malicious group, wi
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: Cinobi Banking Malware Targets Japanese Cryptocurrency Exchange Users via Malvertising Campaign