Vawtrak Malware with New Targets

It seems that eliminating a Trojan for good in this day and age is a nearly impossible task. Analysts at Phishlab report that Vawtrak, a piece of malware that was active in the mid-2000s, is back in the field.

What Has Been Vawtrak Doing in the Recent Years?

Previously, Vawtrak targeted financial institutions in Japan, but the malware has now broadened its horizons to social networks, analytics firms, online retailers and game portals. Although people involved in the Stubhub operation were arrested in Canada and the UK this summer, the malware does not appear likely to retreat anytime soon. In fact, considering the recent takedowns of Gameover Zeus and Shylock, we should probably expect an increase in Vawtrak operations.

The experts from Phishlab detected signs of Vawtrak through the Cutwail botnet, which is the highest-volume spam-delivering operation in the world at the moment. The latest Vawtrak operation involved introducing a spam template into the Cutwail botnet that uses the DocuSign and AT&T brands to lure victims to an exploit kit.

The New Targets and Capabilities of Vawtrak

At the time of this writing, Vawtrak targets the US, Australia, Canada, the UK, Turkey, and Slovakia. The latest version of the malware can use web injects to gather additional personal information with which to exploit users.

Authorities may encounter difficulties in detecting and preventing this criminal activity because of the malware's highly advanced data-hiding tactics. The newly acquired web inject capabilities of Vawtrak allow the malware to alter encrypted data in the Web traffic. In other words, Vawtrak can now steal login credentials and activate fraudulent bank transactions within online sessions.

Vawtrak is spreading to more companies and industries and should not be taken lightly. There are many protective measures that users can take:

  • Avoid checking your personal bank account statements on open networks.
  • Conduct as little personal business as possible on open networks.
  • Make sure to use the latest version of your antivirus program.
Berta Bilbao

Berta is a dedicated malware researcher, dreaming of a more secure cyberspace. Her fascination with IT security began a few years ago when a piece of malware locked her out of her own computer.
