14 DAY TRIAL // Since around early June, cybercriminals have been utilizing a variant of the notorious Citadel banking Trojan to target the customers of Japanese financial institutions.
The cybercriminals are trying to steal not only the financial information of Japanese bank customers, but also their webmail services credentials.
According to researchers from Trend Micro, the IP addresses of the command and control (C&C) servers used in these attacks are located in the US and Europe. However, 96% of the connections to these servers are from Japan.
During a six-day period, experts identified around 20,000 unique IP addresses connecting to the C&C servers. This means that the operation is highly successful in stealing online banking credentials from the infected computers.
The targeted financial institutions have already started warning their customers regarding these attacks.