Cyber Criminals Using Odinaff Trojan To Infiltrate Bank Systems

Cyber criminals are targeting banks using a trojan dubbed Odinaff, which stealthily defrauds financial institutions by gaining control over their systems and networks.

The trojan was discovered by cyber security firm Symantec, which says it has been in undocumented use since January, likely using its discreet capabilities to remain below the radar of security professionals.

Armed with custom-built malware tools, the trojan has been designed to establish a foothold on a targeted network. Once it has done that, Odinaff can then deploy malware tools to explore the networks, steal credentials and monitor activity. The tools can also wipe infected computers to hide traces of their activity.

Odinaff can also carry another trojan called Batel as part of its payload; Batel creates a backdoor to the command and control server used by the hackers. As Batel deploys malware for in-memory use, it can lurk in a machine without being easily noticed.

Professional cyber crime

This stealthy operation was needed because, as Symantec pointed out, Odinaff requires a high level of user interaction and control. It is therefore likely to have been designed by cyber criminals who wish to carefully control what the trojan downloads to infiltrate a targeted network, so that it does not draw attention to its presence.

The level of effort involved suggests such attacks come from cyber criminals who have a lot to gain financially if they breach the network of a large bank.

“These attacks require a large amount of hands on involvement, with methodical deployment of a range of lightweight back doors and purpose built tools onto computers of specific interest,” the researchers wrote.

“There appears to be a heavy investment in the coordination, development, deployment, and operation of these tools during the attacks,” the researchers wrote. “Although difficult to perform, these kinds of attacks on banks can be highly lucrative.”

Odinaff is said to share digital characteristics with the Carbanak trojan, which also targeted large financial institutions and was used by cyber criminals.

While attacks appear to have happened worldwide, the main areas affected, according to Symantec, are the USA and Japan.

Cyber criminals are using increasingly sophisticated malware to get into banks and swipe lucrative data, using all manner of vectors including cloud services such as Google Drive.


Roland Moore-Colyer

As News Editor of Silicon UK, Roland keeps a keen eye on the daily tech news coverage for the site, while also focusing on stories around cyber security, public sector IT, innovation, AI, and gadgets.
