
Researchers detect malware that targets the Russian stock-trading platform QUIK

A security researcher from Group-IB (one of the leading companies in global cybercrime prevention and hi-tech crime investigations) has found a new kind of malware that targets the Russian stock-trading platform QUIK.

It was detected during several targeted attacks starting in November 2012. Cyber criminals have traditionally targeted private and corporate banking accounts, using malware (such as variants of the ZeuS cyber-crime toolkit) to log keystrokes and extract account information.

In the last year, Group-IB has received several fraud incident requests concerning some well-known online trading and stock brokerage services whose systems were possibly hacked. Recently, trading fraudsters have diversified their tactics and begun to use malware.


Group-IB has detected the first professional malware targeted at the specialized trading software QUIK (Quik Broker, Quik Dealer) from Russian software developers ARQA Technologies and FOCUS IVonline from New York-based EGAR Technology, which is used by many banks in the Russian Federation, including Sberbank, Alfa-Bank and Promsvyazbank.
The malware first checks for the presence of these applications in the OS, then begins to monitor the user's actions and extracts information about their activity by capturing screenshots and intercepting credentials, which are then sent to the C&C server.
