• Admin

Windows Vulnerable To New Financial Malware, But There's A Fix

Published: October 27, 2020 on our newsletter Security Fraud News & Alerts Newsletter.



Remember when having a bank account meant your money was safe, secure, and available when you needed it? Well, not so much anymore. Thanks to bad actors’ intent on stealing your money, financial malware continues to be the scourge of financial institutions and the customers who trust them. A recent finding by Microsoft led to the tech giant alerting its users to an info-stealing banking trojan known as Anubis. In addition to attacking traditional sources of finance like banks and payment cards, Anubis has added cryptocurrency (e-currency) wallets to its list of targets. Microsoft says all those using their Windows operating system are vulnerable to Anubis attacks.


Anubis or Not Anubis?


If Anubis malware sounds familiar, there’s a good reason for that. Two years ago, an Android financial malware named Anubis was discovered by cybersecurity experts. Microsoft Security Intelligence (MSI) explains the newly discovered Anubis is simply a coincidence in name only, and the two are unrelated. This most recent Anubis was identified underground in June of this year but wasn’t actively being distributed at the time. Microsoft, however, now warns their operating system users that Anubis is now available for active attacks.


In a recent tweet to cryptocurrency investors, Microsoft announced the “new info-stealing malware” first seen underground on the dark web, is “now actively distributed in the wild…and uses code forked (copied) from LokiBot malware to steal system info, credentials, credit card details, cryptocurrency wallets.” LokiBot is a notorious info-stealing banking trojan, and Anubis used LokiBot’s code to build its own stealthy variety of info-stealing malware.


The Anubis Solution


If you’re now wondering how to protect your device (and money) from Anubis malware, keep reading because there’s good news. That is, Microsoft has the answer to Anubis problems for all of their operating system users. Microsoft Windows Security is built-in to Windows 10, including an antivirus program called Microsoft Defender Antivirus. For those devices using earlier versions of their operating system, Windows Security is called Windows Defender Security Center. No matter what version of their operating system, MSI reports Anubis can be detected and stopped using their built-in Microsoft Defender.


MSI commits to tracking the Anubis malware so Windows users will remain updated and safe. Although this malware attack is manageable, it’s a reminder to keep digital asset data and other financial details secured. As with any software, make sure patch updates for Defender are implemented immediately as updates often include security bug fixes. In general, any device should have anti-virus protection installed and kept updated, regardless of the operating system.


Keep up to date: Sign up for our Fraud alerts and Updates newsletter

Want to schedule a conversation? Please email us at advisor@nadicent.com

0 views0 comments