Hand of Thief
Linux users were targeted by this financial data-stealing trojan, which was being sold on Russian underground forums. While the first version included standard malicious functionalities, sellers intended to add a suite of web injections that increased its price tag.
Considered by researchers to be the most sophisticated trojan that targets Android smartphones, this virus exploits two previously unknown vulnerabilities in the mobile platform to send text messages to premium-rate numbers and download additional malware.
This malware infected money machines in Mexico through the use of specific key sequences on an ATM keypad. By doing so, attackers are able to dispense cash. While the malware first used only the Spanish language, an English version was later discovered.
Capable of stealing credit card data from point-of-sale systems, researchers believe this trojan is an updated version of the Dexter malware. The virus is able to detect card readers, grab information from the Windows machines attached to the readers, and send the data to control servers.
Cutwail is considered the world's largest spam botnet, and there seems to be no end to it. This year it resurfaced as a cyber gang opted to distribute their malware via the new Magnitude exploit kit, rather than BlackHole. Cutwail is known for delivering financial malware, such as Zeus and Gameover.
This data stealer is designed to collect users' personally identifiable information straight from point-of-sale systems. Originally discovered in December 2012, a variant is responsible for the loss of tens of millions of rand (millions of U.S. dollars) from banks in South Africa this year.
The security industry hasn't seen the end of this banking trojan, even though some of its operators have been apprehended. The most recent version has infected thousands of machines in the U.S. and targets the master boot record of IE users to ultimately steal financial information.
This data-hijacking trojan targets U.S. users as part of an international campaign that includes Austria, Switzerland, and Belgium. Primarily spread via phishing emails, the malware lies dormant on victims' machines for 15 minutes before communicating with its C&C server.