Skip to main content

Gozi Trojan Turns to Dark Cloud Botnet

posted onMarch 7, 2018
by l33tdawg

The well-known and widely distributed Gozi ISFB banking Trojan has a new trick up its sleeve: It has been making use of the elusive Dark Cloud botnet for distribution in a series of recent campaigns.

According to Cisco Talos intelligence, the campaigns started during the fourth quarter of 2017 and have continued into 2018, with new campaigns being launched every week. They’re relatively low volume and targeted to specific organizations, and some of the mails are even localized.

“They do not appear to send large amounts of spam messages to the organizations being targeted, instead choosing to stay under the radar while putting extra effort into the creation of convincing emails, in an attempt to evade detection while maximizing the likelihood that the victim will open the attached files,” researchers said in a blog.



Industry News

You May Also Like

Recent News

Tuesday, March 20th

Monday, March 19th

Friday, March 16th

Thursday, March 15th

Wednesday, March 14th

Tuesday, March 13th