MnuBot Trojan

New Banking Trojan MnuBot Discovered

Target: Brazilian online banking users

Attack Vector: A 2 stage download

Summary: A new banking Trojan malware dubbed MnuBot has been observed in the wild. The malware has a number of unique features, most noticeable is that its command and control server is a Microsoft SQL server, a highly uncommon trait. Additionally, the configuration method used to provide the authors with the ability constantly update it is also an unusual feature

Risk assessment summary: This threat is assessed at 3e MODERATE. As an active banking Trojan, the potential financial loss to a victim is high, as this is the aim of the malware. As this has, to date, only been observed active in Brazil, the risk is reduced as most Brazilian malware does not tend to leave the Latam continent However, this malware is sophisticated and there is nothing to suggest the authors would not be capable of disseminating it geographically.

Leave a Reply

Your email address will not be published. Required fields are marked *