Compromised Japanese porn websites distribute banking trojan
Attackers have compromised popular Japanese adult websites in order to distribute a trojan that is primarily targeting customers of two major banks in the country; however, the malware could easily be repurposed for use in the U.S., according to researchers with ESET.
The Aibatook trojan is capable of constantly monitoring browsing activity, modifying visited web pages, redirecting to web pages, and constantly monitoring and exfiltrating information entered into web forms, Joan Calvet, a malware researcher with ESET, told SCMagazine.com in a Wednesday email correspondence.
Aibatook was first identified in late 2013, but the operators updated the malware in April for use specifically against two major Japanese banks, and more broadly against other Japanese companies, in a campaign only targeting users of Internet Explorer, according to a Wednesday post.