Vawtrak banking Trojan: a threat to the banking ecosystem
August 19, 2016
Today marks the start of c0c0n International Cyber Security and Policing Conference 2016 where our Labs Research expert, Raashid Bhat, will be sharing insight into the threats posed by the Vawtrak Trojan, one of the most prevalent banking Trojans around today. It promises to be an unmissable session based on Raashid´s recent in-depth technical investigation into the behavior of Vawtrak malware and how it´s executed.
c0c0n International Cyber Security and Policing Conference 2016 takes place 19-20 August at The WelcomHotel Raviz Ashtamudi Resort and Ayurveda Spa, Kerala, India. The two-day event boasts a packed agenda focusing on Policy and Strategy as well as Technical subject matter including Panel sessions and live demos.
Vawtrak malware, also known as Neverquest or Snifula, is commonly distributed via spam email. The banking Trojan is known to steal credentials, log keystrokes, use the host as a proxy and provide the attackers with remote access to infected machines. Behind the malware sits a complex infrastructure involving two cybercriminal groups who have the capability to distribute the Trojan using custom targeting and localization and profit from a paid service operating model.
Stay tuned for the Blueliv report coming in early September that will offer a detailed look at exactly how these groups collaborate to distribute and execute the malicious banking Trojan. The report shares the output of our in-house Labs team´s investigation into Vawtrak using the Blueliv threat intelligence platform and tools to perform sophisticated sandbox analysis.
Get in touch with firstname.lastname@example.org to receive a notification when the report is released. Until then, join the Blueliv Threat Exchange Network to collaborate with other industry peers, share knowledge, and strengthen your organization´s security profile.