Cybersecurity expert provide an insight below on IcedID banking trojan and why it is an interesting malware.

Experts Comments

August 17, 2020
Chloé Messdaghi
VP of Strategy
Point3 Security
IcedID is a particularly interesting malware in that it first checks to see if a victim is working in a virtual environment or a debugged environment. It actually looks for that configuration automatically and, if you’re not, then the malware continues to do the work it was set up to do – inject malicious code. With regards to the content of the phishing emails, these give us a couple of good reminders that should be shared with employees: Macros should not be enabled by default. If a.....Read More
IcedID is a particularly interesting malware in that it first checks to see if a victim is working in a virtual environment or a debugged environment. It actually looks for that configuration automatically and, if you’re not, then the malware continues to do the work it was set up to do – inject malicious code. With regards to the content of the phishing emails, these give us a couple of good reminders that should be shared with employees: Macros should not be enabled by default. If a document ever asks you to enable it, verify with the sender first. Making a request to enable macros should raise a flag. Same thing with a .zip file. Always double-check with the sender before opening a .zip file. Just reach out real quick – it’ll save you from potentially having a really bad day. These attackers are using the current COVID-19 pandemic to their advantage, and this is the human nature side of cybersecurity. We’re all a little scared because we feel completely out of control. So you have people who are already mentally overwhelmed, and then an email comes through related to that same topic people are overwhelmed with (COVID-19), and that makes it a lot easier to get people to click. Bad actors usually need to put some kind of effort into researching how to get their victims to click, what would strike them enough on an emotional level? With COVID-19, there’s this one thing that everyone is so passionate about and obsessed with. It makes sense how easy it is to get people to fall for it.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.