View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Trojan Snifula is gaining ground on Japanese banks

The range of victims is growing, according to Symantec.

By Jimmy Nicholls

The Snifula trojan is targeting more than 30 financial groups in Japan, including 12 regional banks, according to security firm Symantec.

Hackers are now using the malware to conduct man in the browser attacks to steal financial data from smaller companies’ customers, in a broadening of the virus’ range.

Symantec said: "As of July 2014, our telemetry shows that Japan is still ranked third and makes up almost 20% in terms of Trojan.Snifula activities.

"Considering our research, it seems that attackers are not about to quit targeting Japanese online banking customers."

A configuration file found by Symantec revealed 20 credit card sites and 17 online banking sites in Japan being targeted.

More than half of the targeted banks were said to be in the bottom half of the list comparing total deposit balances from customers.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

"This clearly shows that the targeted banks are picked regardless of the institution’s size," Symantec said.

The UK still accounts for a quarter of Snifula activity, with Germany responsible for a fifth while the US handles 15%.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.