Osiris’ fundamental makeup positions it in the fore of malware trends, despite being based on old source code that’s been knocking around for years.
After staying dormant for few years, the Kronos banking trojan resurfaced in July in a form dubbed Osiris. A wider analysis of how the banking trojan is evolving shows innovative development on the part of its authors, with an eye to broader malware trends.
Osiris first appeared in July in three distinct campaigns targeting Germany, Japan and Poland over the summer. It was clear that it’s based off of the Kronos malware which led the financial crime pack for many quarters after it surfaced in 2014 (it is itself a descendant of the infamous Zeus banking code).