Retefe Banking Trojan Targets UK Banking Customers

Hi guys,

As previously reported by  Paloalto Research ‘Retefe banking Trojan’ has been around for some time, targeting Sweden, Switzerland and Japan. Recently Retefe had been targeting customers in UK banks. It uses fake certificates to trick customers into revealing their login credentials.

At first, the victim receives a document with an embedded malicious JavaScript file per email. The document contains a very small image with a note asking the user to double click on it to view it better. After double clicking, the malicious embedded JavaScript is executed. The document has a notice message in German, however, the Trojan banker is targeting users in UK.

Read the full analysis with images at:

Source: Akati

Comments are closed.