Cyber Criminals Using Odinaff Trojan To Infiltrate Bank Systems

Cyber criminals are using targeting banks using a trojan dubbed Odinaff, which stealthily defrauds financial institutions by gaining control over their systems and networks.

The trojan was discovered by cyber security firm Symantec, which says it has been in undocumented use since January, likely using its discreet capabilities to remain below the radar of security professionals.

Armed with custom-built malware tools, the trojan has been designed to establish a foothold on a targeted network. Once it has done that, Odinaff can then deploy malware tools to explore the networks, steal credentials and monitor activity. The tools can also wipe infected computers to hide traces of their activity.

Odinaff can also carry another trojan called Batel as part of its payload; Batel creates a backdoor to the command and control server used by the hackers. As Batel deploys malware for in memory use, it can luck in a machine without being easily noticed.

Professional cyber crime

This stealthy operation was needed as Symantec pointed out that the Odinaff requires a high level of user interaction and control, so it is likely to have been designed by cyber criminals who which to carefully control what the trojan downloads to infiltrate a targeted network so that it does not draw attention to its presence.

The level of effort that involves suggests such attacks come from cyber criminals that have a lot to gain financially of they breach the network of a large bank.

“These attacks require a large amount of hands on involvement, with methodical deployment of a range of lightweight back doors and purpose built tools onto computers of specific interest,” the researchers wrote.

“There appears to be a heavy investment in the coordination, development, deployment, and operation of these tools during the attacks,” the researchers wrote. Although difficult to perform, these kinds of attacks on banks can be highly lucrative.”

Odinaff is set to share digital characteristics with the Carbanak trojan that also targeted targeted large financial institutions, and was used by cyber criminals.

While attacks appear to have happened worldwide, the main areas affected according to Symantec, are the USA and Japan.

Cyber criminals are using increasingly sophisticated malware to get into banks and swipe lucrative data, using all manner of vectors including cloud services such as Google Drive.

Are you a security expert? Try our quiz

Roland Moore-Colyer

As News Editor of Silicon UK, Roland keeps a keen eye on the daily tech news coverage for the site, while also focusing on stories around cyber security, public sector IT, innovation, AI, and gadgets.

Recent Posts

Vodafone Germany Confirms 2,000 Job Losses, Amid European Restructuring

More downsizing at Vodafone after German operation announces 2,000 jobs will be axed, as automation…

14 hours ago

AI Poses ‘Jobs Apocalypse’, Warns Report

IPPR report warns AI could remove almost 8 million jobs in the United Kingdom, with…

15 hours ago

Europe’s Longest Hyperloop Test Track Opens

European Hyperloop Center in the Netherlands seeks to advance futuristic transport technology, despite US setbacks

16 hours ago

NHS Scotland Confirms Clinical Data Published By Ransomware Gang

NHS Dumfries and Galloway condemns ransomware gang for publishing patients clinical data after cyberattack earlier…

17 hours ago

Fewer People Using Twitter After Musk Takeover – Report

Research data suggests fewer people are using Elon Musk's X, but platform insists 250 million…

20 hours ago

Julian Assange Wins Temporary Reprieve For US Extradition Appeal

US assurances required. Julian Assange handed a slender reprieve in fight against his extradition to…

22 hours ago