Malware experts have spotted a new banking Trojan dubbed IcedID, which is in its first stages of development. Despite being new, IcedID already possesses some advanced features that rival what experts have seen in older and more complex banking Trojans. IcedID can carry out attacks that steal user financial data via both redirection attacks (it installs a local proxy to redirect users to clone sites) and web injection attacks (it injects into the browser process to show fake content overlaid on top of the original page). According to IBM's X-Force team, which discovered this new threat, the criminal group behind the Trojan is using the botnet infrastructure of the Emotet Trojan to deliver IcedID to already infected computers.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street