A Boston-based company named Trusteer targets banks with solutions to this problem. Among those solutions is an endpoint malware detection program named Rapport. Banks are encouraged to offer this program to their important clients so that the client computers can be secured.
So, you're a malware author, and you're looking for online banking customers to compromise. Who better to target than people who are so important to a bank that they would receive special software to protect their accounts?
That targeting is just what is happening with the latest malicious spam campaign to appear in the Barracuda Labs spam honeypots.
Only 8 out of 47 antivirus products even recognize the attached malware, which Malwarebytes does identify as Trojan.Agent.rfz.
This trojan downloads three other pieces of malware (one was already inaccessible when we ran our tests,) all of which had even worse detection ratios – only 4 out of 47 for each, although these ratios should improve as antivirus vendors catch up. Note that the periodic contact with Google.com is typical of credential stealers which do so to test internet connectivity.
Trusteer Rapport might actually intercept these downloads, although we have no way of knowing for sure. What we do know for sure is a maxim we repeat often in our blog – don't run attachments received in email unless you personally know the sender, and the contents. It is just too easy to create perfectly deceptive phishing attacks. Instead, if you are asked to install or upgrade software, insist on a URL that is hosted on a reputable site.
Christine Barry est blogueuse en chef et responsable des réseaux sociaux chez Barracuda. Son travail consiste à rédiger des articles captivants en lien avec les services Barracuda et à faciliter la communication entre le public et les équipes internes. Avant de rejoindre Barracuda, Christine a été ingénieure de terrain et chef de projet dans l'éducation et auprès de PME pendant plus de 15 ans. Elle est titulaire de plusieurs diplômes technologiques, d'une licence de l'université du Michigan, et d'une maîtrise en administration des affaires.
Connectez-vous avec Christine sur LinkedIn.