ESET security warning: banking trojan lures users into the trap with obscene images. Ousaban malware steals login credentials.
The banking Trojan Ousaban is currently active in Europe and Brazil. The malware is primarily focused on stealing login credentials for online banking as well as popular email services. ESET researchers have been following Ousaban since 2018 and have observed continuous development since then. The people behind Ousaban sometimes use obscene images to spread the malicious program. The experts from the European IT security manufacturer published their analysis on Welivesecurity.
Phishing mail with MSI file
“Ousaban is mainly distributed through phishing emails, and the distribution chain is quite simple. The victim is tricked into running an MSI attached to the phishing email. When the MSI runs, it starts an embedded JavaScript downloader that downloads a ZIP archive and extracts its contents, which consists mainly of a legitimate application, an injector and the encrypted Ousaban, ”explains Jakub Souček, ESET team coordinator that Ousaban investigated.
More at ESET.com
About ESET ESET is a European company with headquarters in Bratislava (Slovakia). ESET has been developing award-winning security software since 1987 that has already helped over 100 million users enjoy secure technology. The broad portfolio of security products covers all common platforms and offers companies and consumers worldwide the perfect balance between performance and proactive protection. The company has a global sales network in over 180 countries and branches in Jena, San Diego, Singapore and Buenos Aires. For more information, visit www.eset.de or follow us on LinkedIn, Facebook and Twitter.