Although authorities have shuttered the Gameover Zues botnet, attackers are still stealing some of its techniques.
Researchers have discovered a variant of one of the most active banking trojans that features new attack techniques. Advanced malware researchers at IBM X-Force have caught on to a variant of the Bugat banking trojan that borrows some traits from Gameover Zeus, specifically its HTML injections, according to a blog post by Etay Maor, senior fraud prevention strategist at IBM Security.
Infections have been spreading throughout the United Kingdom and the Middle East.
Etay believes that the variant may have gotten its new traits as a result of a member of the Gameover Zeus collective joining the Bugat team, or the Bugat group reverse engineering the Gameover Zeus malware to copy the HTML injections, which made the operation “highly profitable.”