BackSwap Banking Trojan’s New Browser Manipulation Technique
Target: Polish online banking users
Attack Vector: Browser address manipulation
Summary: The banking industry may find itself under a new wave of malware attacks after the discovery of a new groundbreaking trojan technique. The trojan is currently able to avoid antivirus detection techniques at browser level and has been dubbed BackSwap.
Risk assessment summary: The threat is assessed as 3d MODERATE. If successful, this backdoor Trojan technique installs BackSwap malware inside infected systems. Due to the new innovative avoidance techniques used, it can be difficult to detect any changes in system behaviors. Therefore, BackSwap malware can lie undetected and enable an attacker to make bank transfers or complete other transactions against a target. The risk is also heightened as BackSwap malware may be expanded further to target other countries and banking organisations.