 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: Matrix Banker| Names | Matrix Banker RediModiUpd | |
| Category | Malware | |
| Type | Banking trojan, Credential stealer | |
| Description | (Arbor) This post takes a look at a new banking malware that has, so far, been targeting financial institutions in Latin America—specifically, Mexico and Peru. Initially, we’ve called it “Matrix Banker” based on its command and control (C2) login panel, but it seems that “Matrix Admin” is a template available for the Bootstrap web framework. Proofpoint calls it “Win32/RediModiUpd” based on a debugging string from an earlier sample. The malware is under active development, but as with some of the other banking trojans we’ve analyzed, it’s difficult to assess how far and wide this threat will go while it’s still so new. | |
| Information | <https://www.netscout.com/blog/asert/another-banker-enters-matrix> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.matrix_banker> | |
Last change to this tool card: 22 May 2020
Download this tool card in JSON format
Previous: Matiex
Next: Matryoshka RAT
| Changed | Name | Country | Observed | ||
Unknown groups | |||||
 | _[ Interesting malware not linked to an actor yet ]_ | ||||
1 group listed (0 APT, 0 other, 1 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |