A new phishing campaign that uses the malware WikiLoader to install the banking trojan, stealer, and spyware known as Ursnif (also known as Gozi) is targeting Italian organizations.
In a technical analysis, Proofpoint described the malware as “a sophisticated downloader with the objective of installing a second malware payload.” The malware was probably created as malware that could be rented out to specific cybercriminal threat actors and uses a variety of evasion techniques to avoid detection.
The malware called WikiLoader is so named because it requests information from Wikipedia and checks to see if the return contains the phrase read more Cybercriminals Renting WikiLoader to Target Italian Organizations with Banking Trojan.
Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.