New Ursnif variants being tested in the wild are using redirection attacks to target Australian banks and malicious TLS callback techniques to achieve process injection. The malware is based on the same code as the original Ursnif trojan, aka Gozi ISFB, but features modifications to the code injection level and to attack tactics, IBM Executive Security Advisor Limor Kessem said in a Nov. 28 blog post.
View full story
ORIGINAL SOURCE: