• Home
  • About Us
  • Authors
  • Submit News
  • Contact Us
  • Privacy Policy
  • Sitemap
The Hack Post
  • Hacking News
    • Cyber Crime
  • Cyber Security
  • Technology
    • Internet
  • Entertainment
    • Gaming
  • Business
  • Science / Health
No Result
View All Result
The Hack Post
No Result
View All Result

Terdot: Banking Malware-Espionage Tool Stealing Social Media and Email Accounts

Haider Ali Khan by Haider Ali Khan
November 20, 2017
Terdot Banking Malware
Share on FacebookShare on Twitter

Zeus malware is back with a vengeance. A spin-off of the banking trojan, now with revamped espionage capabilities, was recently discovered by security researchers.

It’s called Terdot, a trojan that’s been active since mid-2016 and highly customized to conduct (MitM) man-in-the-middle attacks to intercept any traffic on an infected computer. The malware was also designed to inject HTML code or spyware into visited pages, steal banking credentials and credit card information. Commonly targeted websites include the Bank of Montreal, Banque Nationale, Desjardins, PCFinancial, Royal Bank, Scotiabank, and many other Canadian institutions.

Terdot wants more. The Zeus-derived banking trojan is out to get social media and email accounts.

Targets include popular social networks Facebook, Google Plus, Twitter, and YouTube, whereas the banking trojan could even post on the infected user’s behalf. Google’s Gmail, Microsoft’s live.com, and Yahoo Mail are among the afflicted email service providers. This new focus has the potential to make Terdot an extremely powerful cyber espionage tool.

Terdot

Bitdefender researchers have observed Terdot in malicious emails bearing a fake PDF icon. When clicked, obfuscated JavaScript code is executed to download and run the malware. Terdot is also delivered mostly on websites compromised with the SunDown Exploit Kit. Utilizing a complex chain of droppers, injections, and downloaders, Terdot evades detection as downloads are done in installments.

Terdot can then successfully intercept and modify any data victims send to their bank or social media account in real-time. Not only that, the banking trojan can spread itself through posting fake links on other social media accounts. It’s interesting how the malware apparently skips on gathering data from VKontakte, Russia’s largest social media platform, which somehow hints the actors behind the new variant may be from Eastern Europe.

Tags: BankingMalwareTerdot
Haider Ali Khan

Haider Ali Khan

Founder, content creator and writer of The Hack Post. I am an independent cyber security researcher and ethical hacker. I am passionate and committed to educating the world to spread information and expose the threats that exist online. I have a vast span of knowledge and experience in the field of hacking and I’m here to share it all with everyone else.

Next Post
Facebook, Twitter and YouTube Gets Blocked in Pakistan

Facebook, Twitter, YouTube, Instagram and Dailymotion Goes Down: Blocked By ISP Providers in Pakistan

Latest Articles

Playing With Power Thrills On Four Wheels
Entertainment

Playing With Power: Thrills On Four Wheels

November 28, 2023
The Role of IoT in Facilities Management: A Deep Dive into Smart Operational Workflow Solutions
Business

The Role of IoT in Facilities Management: A Deep Dive into Smart Operational Workflow Solutions

November 28, 2023
TV Shows That Have Earned Prestigious Awards
Entertainment

TV Shows That Have Earned Prestigious Awards

November 27, 2023
Building Excellence Top Fabrication Materials in Construction
Business

Building Excellence: Top Fabrication Materials in Construction

November 27, 2023
Securing Your Investment How Is Physical Gold Delivered?
Business

Securing Your Investment: How Is Physical Gold Delivered?

November 27, 2023
5 Reasons to Study Law
news

5 Reasons to Study Law

November 27, 2023
3 Times When You Need to Use a Video Measuring Machine
Technology

3 Times When You Need to Use a Video Measuring Machine

November 24, 2023
What We Can Learn from Automation in the Home Industry
Technology

What We Can Learn from Automation in the Home Industry

November 23, 2023
Key Things to Think About When Changing Your Engine
news

Key Things to Think About When Changing Your Engine

November 20, 2023
End of the Road What to Do with a Dead Car - Exploring Your Options
news

End of the Road: What to Do with a Dead Car – Exploring Your Options

November 18, 2023
Unraveling the Differences Between Shrimp and Prawn
Science / Health

Unraveling the Differences Between Shrimp and Prawn

November 18, 2023
Becoming a Game Developer Essential Requirements and Key Skills for Success
Technology

Becoming a Game Developer: Essential Requirements and Key Skills for Success

November 18, 2023
  • Home
  • About Us
  • Authors
  • Submit News
  • Contact Us
  • Privacy Policy
  • Sitemap

The Hack Post © 2019

No Result
View All Result
  • Hacking News
    • Cyber Crime
  • Cyber Security
  • Technology
    • Internet
  • Entertainment
    • Gaming
  • Business
  • Science / Health

The Hack Post © 2019