1. New Variant of Dangerous Kronos Banking Malware Spreading via Malicious Word Documents
A new variant of Kronos Banking Trojan appeared in wild targeting users. The Trojan first appeared in 2014 and disappeared after a few years.
With the new variant of Kronos Banking Trojan, it uses the Tor anonymizing network for establishing communication with the command and control server.
The banking Trojan uses man-in-the-browser techniques to inject and modify the web pages of financial institutions to steal credentials, account information, other user information, and money through fraudulent transactions. It also has keylogging and hidden VNC as an added functionality.
With the 2018 version it shares the same similarities with the older versions, the only major change is the URLs anonymized with TOR network.
Cyber Security Tips: (For Safe Banking)
- Always remember that any of your bank’s representatives never send you email/SMS or call you over phone to get your personal information, password or one time SMS.
- Never click on any links provided in the emails.
- Always log on to a banking site by typing the proper URL in the address bar.
- Immediately change your passwords if you have accidentally revealed your credentials to anyone.
- Before providing your user id and password, ensure that the URL of the login page starts with the text ‘https://‘ and is not ‘http://’.
- Ensure that you have installed the latest anti-virus/anti spyware/activated firewall/security patches on your computer or even your smart phones.