South Korean Financial Companies Targeted by Castov
Contents
The financial malware landscape is constantly evolving, cybercriminals are becoming more knowledgeable about the financial sector, and attacks are becoming more sophisticated. We’ve recently released a report, “The World of Financial Trojans,” describing the different features and techniques used by banking malware. It would seem that the choices made by the malware authors concerning these techniques and features depend on the cybercriminals’ financial resources and market knowledge.
In most cases financial malware favors exploit kits as their infection vector. In the past few months we have been actively monitoring an exploit kit, called Gongda, which is mainly targeting South Korea. Interestingly, we have come across a piece of malware, known as Castov, being delivered by this exploit kit that targets specific South Korean financial companies and their customers. The cybercriminals in this case have done their research on the South Korean online financial landscape.
Figure 1. Heatmap of Gongda IPS detections for …
In most cases financial malware favors exploit kits as their infection vector. In the past few months we have been actively monitoring an exploit kit, called Gongda, which is mainly targeting South Korea. Interestingly, we have come across a piece of malware, known as Castov, being delivered by this exploit kit that targets specific South Korean financial companies and their customers. The cybercriminals in this case have done their research on the South Korean online financial landscape.
Figure 1. Heatmap of Gongda IPS detections for …