Over the past year, a malware identified as Trojan.Stabuniq has been spotted in the networks of several United States organizations, particularly financial institutions such as banks and credit unions.Symantec experts have analyzed this threat and they believe that the cybercriminals might be using it to target specific people or entities.
That’s because 59% of the malware samples have been found on the computers of home users and 39% of them on the servers, firewalls, proxies and gateways of financial institutions from the US.
It has also been seen on computers belonging to security solutions providers, but that’s likely because they might be analyzing the threat.
The malware is spread via spam emails and web exploit kits. Once it lands on a computer, it starts collecting information which it sends back to its command and control server.
Since Stabuniq doesn’t appear to be widespread, and since it has been mainly targeting financial institutions, researchers explain that the Trojan’s masterminds might be using it simply to gather information.