Latest Spam Phishing Attack Has IcedID Variant

Carrying out spam campaigns by email (phishing) is one of the most widely used means of introducing banking trojans into user devices. Recently, Kaspersky researchers detected a slew of messages containing a new version of the IcedID banking trojan. The trojans are frequently distributed with English messages with ZIP attachments containing the malware.

This IcedID campaign appears to have primarily focused on targets based in China. Other campaigns have reached more countries, including India, Italy, the United States, and Germany.

Our new threat report, Latest Spam Phishing Attack Has IcedID Variant looks at how the IcedID trojan:

  • steals bank credentials from victims who use the affected banking entities’ mobile applications on their devices
  • includes functionality that allows attackers to see text messages received on infected devices
  • uses overlays/phishing injections that detect and display when victims open legitimate applications

Download the Report!

Download this Resource

Sign up for our newsletter

Stay Up-to-Date on Financial Risk Management