It has been reported that a new banking malware has been discovered that is targeting bank customers in Brazil. Dubbed CamuBot, it is said to be a unique malware because it is disguised as a necessary security module of the bank. The malware can also bypass the biometric authentication feature, which is a disturbing sign.
According to IBM X-Force researchers who discovered the malware, previously discovered banking malware and Trojans worked differently. These were designed to steal online credentials by getting deployed on targeted machines and used complex stealth methods to evade detection. However, CamuBot takes a 360-degree turn in the way banking malware work by camouflaging itself as an authentic security app from the bank.
Ryan Wilk, Vice President at NuData Security:
“With this new malware, cybercriminals have yet a new way of tricking banking customers into giving up their credentials and even bypass one-time passwords. At the base of this attack we find a phishing scam. The bad actor targets a victim and gathers as much information from the victim as she can before contacting and luring the victim into a fake bank URL to download the malware, pretending it is a security update.
With this sophisticated scam, the hacker has access to the user’s bank account and can transfer money freely. This problem, which is affecting major financial institutions, is a perfect example of why passive biometrics and behavioural analytics need to be part of a layered security solution so that customers can be identified beyond their credentials, which may have been stolen with a similar scheme as this one.
Financial institutions who already have passive biometrics technology implemented can look for inherent user behavioural patterns and can detect if the user behind the device is legitimate or just a fraudster with stolen credentials. With behavioural identifiers, banks can make an informed decision on online transactions.”
