New Banking Trojan MnuBot Discovered
Target: Brazilian online banking users
Attack Vector: A 2 stage download
Summary: A new banking Trojan malware dubbed MnuBot has been observed in the wild. The malware has a number of unique features, most noticeable is that its command and control server is a Microsoft SQL server, a highly uncommon trait. Additionally, the configuration method used to provide the authors with the ability constantly update it is also an unusual feature
Risk assessment summary: This threat is assessed at 3e MODERATE. As an active banking Trojan, the potential financial loss to a victim is high, as this is the aim of the malware. As this has, to date, only been observed active in Brazil, the risk is reduced as most Brazilian malware does not tend to leave the Latam continent However, this malware is sophisticated and there is nothing to suggest the authors would not be capable of disseminating it geographically.