216.73.217.64

European Banks Already Under Attack by New Malware Variant

· Published 25/09/2024 12:54 · Modified 26/09/2024 13:39

Export JSON

Essential information

Published
25/09/2024 12:54
Modified
26/09/2024 13:39
Tags
2024-09-25 banking trojan coper dga exobot exobotcompact mobile malware octo2 zombinder
Related entities
1 intrusion sets (apt), 1 techniques (mitre), 1 malware, 1 others

Description

A new version of the Octo malware, named , has emerged as a significant threat to European banks. This variant builds upon the capabilities of its predecessor, which was already a dominant force in . features improved remote access capabilities, sophisticated obfuscation techniques, and a Domain Generation Algorithm () for communication with command and control servers. Initial campaigns have been observed in Italy, Poland, Moldova, and Hungary, targeting banking applications. The malware's developers have focused on enhancing stability for Device Takeover attacks and implementing advanced anti-detection measures. With the original Octo source code leaked, represents an escalation in the mobile threat landscape, posing increased risks to mobile banking security worldwide.

External references