Inscrivez-vous maintenant pour un meilleur devis personnalisé!

Hackers target Italian corporate banking clients with web injection toolkit drIBAN

Le 05 mai 2023 Hi-network.com

Italian corporate banking clients have been the target of an ongoing financial fraud campaign using a web-inject toolkit called drIBAN. The main objective is to modify legitimate bank transfers made by victims by changing the beneficiary and transferring the money to a fraudulent bank, Cleafy researchers stated. 

The use of web injects is a well-established tactic. It allows the malware to inject custom scripts on the client side via a man-in-the-browser (MitB) attack, intercepting traffic to and from the server. Fraudulent transactions are often carried out using what's known as an Automated Transfer System (ATS), capable of bypassing anti-fraud systems.

Hackers target Italian corporate banking clients with web injection toolkit drIBAN 2

Over the years, the operators behind drIBAN have become increasingly adept at evading detection and developing effective social engineering strategies. They have also established a long-term foothold in corporate banking networks. According to Cleafy, 2021 was the year of the evolution of the classic banking Trojan operation into an advanced persistent threat.

tag-icon Tags chauds: Sécurité des réseaux La cybersécurité

Copyright © 2014-2024 Hi-Network.com | HAILIAN TECHNOLOGY CO., LIMITED | All Rights Reserved.