A malware known as Trojan .Odinaff is giving work to financial organizations worldwide. Focused on companies operating in the banking, securities trading and payroll, attacks are discrete and sophisticated.
The attacks require complex operations such as methodical implementation of a series of back light doors. Although it is difficult to perform, this kind of attack can be highly lucrative for cybercriminals.
The Odinaff attackers use a variety of methods to break into the networks of organizations. One of the most common is through bait document containing a malicious macro. If the recipient activate macros, the Odinaff will be installed on the computer.
The Trojan.Odinaff is used to perform the initial invasion, while other tools are deployed to complete the attack. A second piece of malware known as Batlle ( Backdoor .Batel) is installed to run payloads only in memory, which means that the malware can maintain a stealthy presence on infected computers.
The ciberatacantes make extensive use of a range of lightweight hacking tools and legitimate software tools to scour the network and identify the main computers.
Attacks using Odinaff are being recorded since January this year, and the most affected country is the United States (25%), followed by Hong Kong (20%), Australia (19%) and the UK (12%) .
Subscribe to our channel and learn more about technology