The rise of IcedID – computerworld.ch

Trojan IcedID Internet Banking made its way to the top of Check Point Software Technologies’ Swiss “Most Wanted” list virtually out of nowhere. Through this “malicious display” malware, a cybersecurity specialist identifies types of malware that the Check Point research team has found and has repeatedly filtered on corporate computers in Switzerland and around the world.

After all, IcedID’s virulence with a prevalence of more than 8 percent isn’t quite as clear as it is across the globe, with 11 percent of companies affected by malware. Globally, IcedID is “only” second, outperformed by Dridex, by over 16 percent.

Spam using the Covid-19 bait

Although it is now listed in the top ten for the first time, IcedID is by no means new. The Internet banking trojan first appeared in 2017. In March, it was able to spread quickly thanks to various spam campaigns. One of the email garbage lured by Covid-19 to convince recipients to open malicious email attachments. Most of these attachments are Microsoft Word documents with a malicious macro that installs an IcedID installer. Once set up, the Trojan horse attempts to steal bank account details, payment information, and other sensitive information from victims’ computers.

Particularly dangerous: IcedID uses other malware to reproduce and has already served cyber criminals as a springboard for infections for ultimate ransomware attacks.

“IcedID proves that cybercriminals continue to adapt their techniques to attack organizations, using the pandemic as a cover,” comments Maya Horowitz, responsible for both threat awareness and research and related products at Check Point. “IcedID is a particularly elusive Trojan horse that uses a number of methods to steal financial data,” it warns and recommends extensive awareness campaigns among company employees. This is the only way in which they “have the skills to identify the types of malicious emails distributed by IcedID and other malicious software,” Horowitz adds.