
What new Asacub Trojan features should enterprises watch out for?

The Asacub Trojan has new banking malware features. Expert Nick Lewis explains how it made this transition and what enterprises should be watching out for.

New research from Kaspersky Lab claims that the Asacub Trojan has morphed from spyware into more sophisticated banking malware. How did Asacub evolve into a greater threat? What are the new features of this banking Trojan that enterprises should be aware of?

It seems that the natural course of malware evolution is for subsequent versions to target financial institutions to make money. The Asacub malware quickly made this transition into banking malware, according to Kaspersky Lab. An early version of the Asacub Trojan from June 2015 targeted the SMS messages on an infected device, and a sample from July 2015 had significantly more functionality, including remote control via a reverse shell. A version from September 2015 now has logos for Russian, Ukrainian and U.S. banks, and later versions have functionality to target a mobile banking application. The Asacub malware was most likely installed through standard social engineering attacks where the target was told to click on a link to view a video that appealed to the recipient.

The newest Asacub functionality, added in late 2015, appears to use a custom network protocol for more automated control of the endpoint, with a command-and-control system much like advanced Windows malware, which has additional remote control functionality. This version of Asacub can surveil the mobile device by uploading a copy of the SMS messages, and it now also has functionality for tracking the GPS and taking pictures with the camera, so it may not be limited to just targeting mobile banking.

This was last published in June 2016
