Poisoned Search Results Deliver Banking Malware

November 6, 2017


Cybercriminals are using novel approaches to poison Google search results in the hope of infecting users with a banking Trojan called Zeus Panda, researchers at Cisco said.

Attackers behind the Google poisoning attempts are targeting primarily keyword searches related to finance in order to drive victims to booby-trapped websites where malicious Word documents are used to download the banking malware.

“The overall configuration and operation of the infrastructure used to distribute this malware was interesting as it did not rely on distribution methods that Talos regularly sees being used for the distribution of malware,” wrote co-authors Edmund Brumaghin, Earl Carter and Emmanuel Tacheau of a report published Thursday.

Read More on Threat Post