Google Cloud Used by Telax 4.7 Banking Trojan in Malicious Attacks

Just because a malicious attack is happening in a region across the globe doesn’t mean that your country will be spared. Malware moves fast, and is currently out of control. No one seems to be spared or protected enough, including Google.

The Telax banking Trojan has been discovered exploiting Google’s Cloud platform and targeting Portuguese-speaking users in Brazil.

Prior to being detected by the security researchers at Zscaler, the malicious campaign had been active for quite some time. According to the research, more than 100,000 users had been affected by it. Victims were tricked by social engineering schemes (phishing) and were prompted to click on malicious bit(dot)ly links. Classic approaches were used, such as luring users with fake promotions, coupons, and free applications like Avast and WhatsApp.

Telax Version 4.7 Malicious Payload

Clicking on the malicious link triggered the download of a .com or .exe file hosted on Google Cloud. Once the file was executed, the installation of a payload downloader was initiated. A payload downloader is a computer threat aimed at downloading and installing other malware. The payload downloader in this particular attack was downloading the Telax banking Trojan. The version used in the scenario was discovered to be 4.7. For now, only customers of Brazilian banks have fallen victim to the Telax banking malware.
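One way to hunt for the delivery chain described above in web proxy logs, added here as an example and not taken from the article or from Zscaler's research: it flags a client that visits a URL shortener and shortly afterwards downloads a .exe or .com file from cloud storage. The cloud hostnames, the log layout, the 30-second window and the sample log lines are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumptions (not from the article): the hostnames below and the log layout.
SHORTENERS = {"bit.ly"}
CLOUD_SUFFIXES = ("storage.googleapis.com", "googleusercontent.com")
EXEC_EXTS = (".exe", ".com")   # file types the article names
WINDOW = 30                    # max seconds between shortener hit and download

# Constructed proxy log: epoch_seconds client_ip url
SAMPLE_LOG = """\
1000 10.0.0.21 https://bit.ly/EXAMPLE1
1002 10.0.0.21 https://storage.googleapis.com/example-bucket/WhatsApp_promo.com
1005 10.0.0.35 https://storage.googleapis.com/example-bucket/report.pdf
1010 10.0.0.40 https://bit.ly/EXAMPLE2
1500 10.0.0.40 https://storage.googleapis.com/example-bucket/avast_free.exe
1600 10.0.0.52 https://bit.ly/EXAMPLE3
1601 10.0.0.52 https://www.example.com/landing.html
"""

def is_cloud_executable(url):
    """True if the URL is an .exe/.com file served from an assumed cloud-storage host."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    on_cloud = any(host == s or host.endswith("." + s) for s in CLOUD_SUFFIXES)
    # Check the path only, so a ".com" hostname is never mistaken for a .com file.
    return on_cloud and parts.path.lower().endswith(EXEC_EXTS)

def find_shortener_to_executable(log_text, window=WINDOW):
    """Return (client, shortener_url, download_url) for each cloud-hosted executable
    fetched within `window` seconds of a shortener hit by the same client."""
    last_short = {}   # client -> (timestamp, shortener URL)
    alerts = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 3 or not fields[0].isdigit():
            continue  # skip malformed lines
        ts, client, url = int(fields[0]), fields[1], fields[2]
        host = (urlsplit(url).hostname or "").lower()
        if host in SHORTENERS:
            last_short[client] = (ts, url)
        elif is_cloud_executable(url) and client in last_short:
            seen, short_url = last_short[client]
            if ts - seen <= window:
                alerts.append((client, short_url, url))
    return alerts

if __name__ == "__main__":
    for alert in find_shortener_to_executable(SAMPLE_LOG):
        print("ALERT", *alert)
```

Correlating by client and time rather than by Referer header matters because a redirect from a shortener does not reliably leave the shortener's URL in the follow-up request.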

Technical Details

According to researchers, Telax is a sophisticated and complex Trojan with a modular structure. Its command & control server was used to exfiltrate harvested information. Telax was also compatible with both 32-bit and 64-bit systems. Another sophisticated feature found within the Trojan’s design was its ability to check for reverse engineering environments.

Moreover, Telax was also equipped with tools to capture and omit two-factor authentication.
The campaign was active in October. It was stopped when Google took down the malicious files hosted on its cloud service.

Banking Malware Is on the Rise

With the arrival of the winter holidays, banking malware is one of the biggest online threats. A new term has been coined for this particular time of the year – Christmas Malware.

Here are several tips to follow to protect your banking information:

  • Apply for online access to your credit card via the credit card issuer’s page.
  • Make sure to regularly check your credit statement and verify your transactions.
  • Look for suspicious $1 charges – crooks would check if your card works by making such ‘donations’.
  • If a suspicious transaction is present in your bank card statement, contact your bank immediately. Fraudulent charges may be reversed, and your account would be frozen to keep crook activities from continuing.
  • In case of a security breach in a company you are a customer of, be extra cautious. Your credentials and balance may not be hurt, but this is not a guarantee for your future safety. Contact your bank for advice. Also, keep in mind that cyber criminals may hold on to a stolen credit card number. The 16-digit credit card number is often sold on the black market.
  • Be smart and protect your personal information:
      – Address;
      – Social Security number;
      – Date of birth;
      – PIN codes;
      – Banking details;
      – Website logins;
      – Web searches.

  • Maintain a powerful anti-malware tool. Sometimes several tools for user protection can be applied to decrease the possibility of an attack to the minimum. Also, improve your browser’s settings and browsing habits.
  • Avoid using the ‘remember password’ option. Instead, keep all your logins and credentials offline, and change them frequently. Use stronger passwords – combinations of numbers, upper case letters, symbols, etc.

Milena Dimitrova
