Six major banks within the UK have been the target of the relaunched Ramnit Trojan, according to research by IBM’s X-Force. After a silent period of approximately eight months, it appears that Ramnit’s operators have set up two new live attack servers, as well as a new command-and-control (C&C) server. The Trojan is configured to equip the malware with webinjections that are specifically deigned to target personal banking users. Brian Laing, VP Business Development at Lastline commented below.
Brian Laing, VP Business Development at Lastline:
“Lastline’s Global Malware Knowledge base has seen an exponential explosion in Ramnit attacks across the globe, and indicates that these attacks appear to be targeted specifically at:
1. Large banking institutions
2. Government institutions
3. Large consulting organisations
In addition, Lastline can identify at least eleven (11) malware code derivatives of Ramnit, meaning that criminals are sharing code components in order to rapidly develop new attacks. We have also identified the top URLs from where these attacks are emanating.
This latest high-profile attack reinforces the absolute imperative that organisations add advanced malware detection and elimination capability to their computer and network defense fabrics, and that this malware detection capability works at the kernel level of the computer stack. Without this capability in place, attacks like the Ramnit derivatives will continue plague institutions worldwide.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…