 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: Karius| Names | Karius | |
| Category | Malware | |
| Type | Banking trojan, Info stealer, Credential stealer | |
| Description | (Check Point) The Check Point Research team recently came across one such banking Trojan under development and already being distributed through the RIG Exploit Kit. Dubbed ‘Karius’, the Trojan aims to carry out web injects to add additional fields into a bank’s legitimate login page and send the inputted information to the attacker. While Karius is not yet in full infection mode, initial tests have already been made and our research below shows the evolution of how such malware takes place. Our analysis also shows how banking trojans such as Karius are put together and makes use of code from other well-known bankers such as Ramnit, Vawtrak and TrickBot. | |
| Information | <https://research.checkpoint.com/2018/banking-trojans-development/> <https://dissectmalware.wordpress.com/2018/03/28/multi-stage-powershell-script/> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.karius> | |
Last change to this tool card: 23 May 2020
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
Unknown groups | |||||
 | _[ Interesting malware not linked to an actor yet ]_ | ||||
1 group listed (0 APT, 0 other, 1 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |