From 1bd8293901e3d03f9c7f5bb4dc976e4c218f048c Mon Sep 17 00:00:00 2001
From: Deborah Servili
Date: Wed, 22 Nov 2017 11:38:35 +0100
Subject: [PATCH] add IcedID banker
---
 clusters/banker.json | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)
diff --git a/clusters/banker.json b/clusters/banker.json
index d1dc99b5..8caacc74 100644
--- a/clusters/banker.json
+++ b/clusters/banker.json
@@ -461,7 +461,7 @@
 ],
 "date": "Discovered in 2010"
 },
- "description": "Banking trojan based on Zeus V2. Murofet is a newer version of Licat found ~end of 2011 ",
+ "description": "Banking trojan based on Zeus V2. Murofet is a newer version of Licat found ~end of 2011",
 "value": "Licat"
 },
 {
@@ -471,11 +471,22 @@
 ],
 "date": "Discovered end of 2012"
 },
- "description": "Skynet is a Tor-powered trojan with DDoS, Bitcoin mining and Banking capabilities. Spread via USENET as per rapid7. ",
+ "description": "Skynet is a Tor-powered trojan with DDoS, Bitcoin mining and Banking capabilities. Spread via USENET as per rapid7.",
 "value": "Skynet"
+ },
+ {
+ "meta": {
+ "refs": [
+ "https://www.bleepingcomputer.com/news/security/new-icedid-banking-trojan-discovered/",
+ "https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/"
+ ],
+ "date": "Discovered in September 2017"
+ },
+ "description": "According to X-Force research, the new banking Trojan emerged in the wild in September 2017, when its first test campaigns were launched. Our researchers noted that IcedID has a modular malicious code with modern banking Trojan capabilities comparable to malware such as the Zeus Trojan. At this time, the malware targets banks, payment card providers, mobile services providers, payroll, webmail and e-commerce sites in the U.S. Two major banks in the U.K. are also on the target list the malware fetches.",
+ "value": "IcedID"
 }
 ],
- "version": 3,
+ "version": 4,
 "uuid": "59f20cce-5420-4084-afd5-0884c0a83832",
 "description": "A list of banker malware.",
 "authors": [
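Review bot: The new IcedID `description` is taken verbatim from the vendor write-up, so "Our researchers noted" and "At this time" read as if the cluster maintainers made the observation, and they give an analyst consuming the galaxy no fixed date for the target list. Rewrite it in the third person with the source and time anchored, for example `"description": "IcedID is a modular banking trojan first seen in test campaigns in September 2017 (IBM X-Force), with capabilities comparable to Zeus. As of November 2017 it targeted banks, payment card providers, mobile services providers, payroll, webmail and e-commerce sites in the U.S., plus two major U.K. banks."`. The enclosing array of entries opens above this hunk, so it is not visible here whether an IcedID entry under another name already exists; that is worth checking before the merge.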