Increase in webinject banking trojans: ESET

MUMBAI, INDIA: ESET, a provider in protection, traces the evolution of webinject banking trojans. ESET's researcher Jean-Ian Boutin's paper titled "The Evolution of Webinject" uncovers many  facts about these banking trojans.

Webinjects are used by a number of banking trojans to alter the content of a webpage when a user sees on compromised computer. The trojan is able to inject code such as JavaScript into the browser to interact with the website content and perform various actions.

This technique is quite old, but has evolved considerably in the past few years. The rise of banking trojans has also seen a rapid increase in the complexity of webinjects, further enhancing their capabilities. This has presented a perfect opportunity for many cybercriminals to specialize on webinjects, which has led to their commoditization.

When it comes to this malware, it is necessary to know that, is there a universal webinject kit that everyone is using? Jean-Ian Boutin, commented as,"Yes. Two of these kits grabbed my attention as they were used by several different banking trojan families. The first one is ATSEngine and the second one is the Injeria platform. Together they have been seen in seven different malware families and used in numerous different campaigns."