Bank of America customers targeted by a new malware campaign


Security experts at AppRiver detected a spike in spam traffic linked to a new malware campaign targeting customers of Bank of America.

Bank of America is being targeted by a new malicious campaign: cybercriminals are spreading stealthy financial malware to hit the clients of the financial institution.

Security experts at AppRiver recently detected and blocked a set of virus campaigns that use new tactics designed specifically to beat filtering engines. A common factor in this wave of attacks is the enormous volume of traffic being sent to data centers. Analysts at AppRiver revealed that the overall volume of traffic was three times higher than normal.

This week AppRiver experienced huge spam traffic, estimated to be from 10 to 12 times the normal amount.
“These spikes have been driven by a tremendous increase in the number of incoming messages being sent with viruses attached.” Some users experienced delays in sending and receiving mail.
“Our data center processed 10 to 12 times the normal amount of our normal traffic. This graph will give you an idea of what we saw:”
Bank of America malware traffic

The malware campaign was arranged by crooks to spread a banking trojan, dubbed Bredo virus, specifically crafted to target the customers of Bank of America.

The Bredolab botnet has been known since 2009. The infection is propagated through malicious e-mails that include malware attachments. In October 2010, Dutch law enforcement conducted a large operation against the botnet, seizing 143 LeaseWeb servers used as command and control servers.

Bredo virus, like many other similar pieces of malicious code, includes data-stealing capabilities and a keystroke-logging feature.

Bank of America spammed email

The malware can also be used as a downloader, because it can download other malicious payloads onto the compromised machine.

“The software may also have abilities to further infect a system by downloading more malware on to the machine.”

Lesson learned: malware never dies.

Pierluigi Paganini

(Security Affairs – Bank of America, malware)