image credit: Adobe Stock

Cybercriminals Renting WikiLoader to Target Italian Organizations with Banking Trojan

August 1, 2023

Organizations in Italy are the target of a new phishing campaign that leverages a new strain of malware called WikiLoader with an ultimate aim to install a banking trojan, stealer, and spyware referred to as Ursnif (aka Gozi).

“It is a sophisticated downloader with the objective of installing a second malware payload,” Proofpoint said in a technical report. “The malware uses multiple mechanisms to evade detection and was likely developed as a malware that can be rented out to select cybercriminal threat actors.”

WikiLoader is so named due to the malware making a request to Wikipedia and checking that the response has the string “The Free.”

Read More on The Hacker News