SC Magazine: Flokibot trojan spotted targeting Brazilian POS infrastructure

February 1, 2017 — Flokibot trojan spotted targeting Brazilian POS infrastructure

NuData Security Engineer Don Duncan emphasizes the importance of firms adopting EMV chip technology in response to this Flokibot malware family discovery.


Arbor Networks researchers spotted the Flokibot malware family targeting Point of Sale infrastructure in Brazil and other countries.

The malware is a Zeus-based banking trojan variant developed from the leaked Zeus 2.0.8.9 source code.
While the majority of malware compromises have been in Brazil, attacks have also been spotted in Australia, the U.S., Paraguay, Croatia, the Dominican Republic and Argentina, according to a Jan. 30 blog post.
In one of the compromises, researchers suspect the cybercriminals were involved in the creation of phony credit cards. Researchers were also able to link the Kronos banking trojan, to Flokibot campaigns by examining C2 servers.


NuData Security Engineer Don Duncan emphasized the importance of firms adopting EMV chip technology.
“There is no doubt that the shift to EMV is causing fraudsters to adapt their methods by turning to card-not-present fraud,” Duncan said. “This was the trend seen in Europe when they made the change a few years ago. The fraudsters will continue to shift their sights on untapped vulnerabilities as we shift our defenses.”

For the complete article, go here.