By Luis Chapetti – Security Researcher
The last few years have seen some of the most aggressive Advanced Persistent Threats (APTs) to date. The Real Time Protection systems at Barracuda Networks are keeping up with them, as well as with a new and equally aggressive campaign. The campaign targets Bank of America customers who use the bank's fairly new offering, CashPro (a portal for its corporate clients to access global treasury, debt, cash management, investments, trade, foreign exchange and a variety of other financial services). The campaign offers a new digital certificate but actually delivers a trojan horse application. The trojan, which has gone undetected by most of the larger vendors as of February 13, embeds itself deep in its new host and sends any saved passwords and logged keystrokes to one of many command and control centers, which also update the malware with any new features the attackers want to add.