Emotet, the banking Trojan known as the nightmare of global banking, has compromised the network of the bank Consorcio de Chile in the last few days.
A new case of electronic fraud against a Chilean banking institution in the last few days has once more placed cybersecurity in the spotlight. Without a doubt, cybercriminals have professionalized the tactics they use against financial institutions, which are in effect safes containing large sums of money.
The bank itself confirmed the news, while at the same time reporting that no clients have been directly affected by this attack: “no client accounts, information, or funds have been affected, although at the moment, there are funds belonging to the bank that have yet to be recovered”.
The latest victim of Emotet, the banking Trojan known as the nightmare of global banking, is the Chilean bank Consorcio. The Trojan gained access to the network through a common phishing attack, although it is its polymorphism that has made it so popular.
Getting to know EMOTET
Emotet is the most widely used and most dangerous banking Trojan known today. It affects a large number of banking institutions all over the world. As well as infecting machines and acting as a bot, it can steal passwords and spread like a worm. Emotet can reach computers via email, a link, phishing, an entry in an Excel spreadsheet, a Word document, an update request, etc.
After the attack experienced by Banco de Chile in May, with a total of $10 million USD stolen, cybersecurity made headlines all over the country. In this new case, Consorcio has been compromised by an as yet unidentified gang, and is trying to recover close to $2 million USD.
How did it get into Banco Consorcio?
According to PandaLabs, once Emotet gets onto a network, it infects all the computers connected to it in minutes, and these computers then await orders from the Trojan’s C&C. It is normally used to steal credentials and to send out spam, but it can also be used to encrypt the entire network.
On this occasion, it made its way into the bank disguised as a supposed Word update, which an employee executed after receiving it in an email. The Trojan, which uses the Emotet botnet, was hidden inside this ‘update’.
Advanced cybersecurity solutions, the best protection against Emotet
What makes this Trojan truly dangerous is its capacity to automatically change the code that it contains, which makes it more difficult for an antivirus to detect it by its signature.
Panda Security, with its advanced cybersecurity solution, Panda Adaptive Defense, has technology specifically developed to detect this banking Trojan. “It is important to bear in mind that, without advanced protection, the client will be infected. There are constant campaigns with this Trojan, and a traditional antivirus isn’t going to detect them,” states Pedro Uría, Director of PandaLabs.
At Panda Security, we recommend the installation of Panda Adaptive Defense in lock mode to combat this Trojan, which belongs to the largest Trojan distribution network in the world.