By Itzik Chimino; Co-authored by Limor Kessem | Ophir Harpaz

As part of the ongoing research into cybercrime tools targeting users of financial services and e-commerce, IBM X-Force analyzes the tactics, techniques and procedures (TTPs) of organized malware gangs, exposing their inner workings to help diffuse reliable threat intelligence to the security community.

In recent analysis of IcedID Trojan attacks, our team looked into how IcedID operators target e-commerce vendors in the U.S., the gang's typical attack turf. The threat tactic is a two-step injection attack designed to steal access credentials and payment card data from victims.

Given that the attack is separately operated, it's plausible that those behind IcedID are either working on different monetization schemes or renting botnet sections to other criminals, turning it into a cybercrime-as-a-service operation, similar to the Gozi Trojan's business model.

To read the rest of the blog, please go to https://securityintelligence.com/icedid-operators-using-atsengine-injection-panel-to-hit-e-commerce-sites/.
#Trusteer