The banking Trojan Terdot was first discovered in 2016 and, according to recent studies, has since evolved its attack. It was initially designed to operate as a proxy to conduct man-in-the-middle (MitM) attacks, steal browsing information such as stored credit card information and login credentials, and inject HTML code into visited web pages.

Bitdefender discovered that #Terdot has now been revamped with new espionage capabilities, such as leveraging open-source tools for spoofing SSL certificates in order to gain access to social media and email accounts and even post on behalf of the infected user. Terdot can target #socialmedia networks including #Facebook, #Twitter, #GooglePlus, and #YouTube, and email service providers including Google’s #Gmail, Microsoft’s live.com, and #Yahoo Mail.

The #bankingtrojan is mostly being distributed through websites compromised with the SunDown Exploit Kit. If clicked, it executes obfuscated JavaScript code that downloads and runs the malware file. In order to evade detection, the Trojan uses a complex chain of droppers, injections, and downloaders that allow the download of Terdot in pieces.

To read more about this cyber attack, click here.

If your company is compromised by a banking Trojan similar to Terdot, the Evolve MGA cyber policy, EVO 3.0, covers policyholders in the event their cloud data is hacked, lost, or stolen.