Group-IB experts have analyzed some "professional malware"

Apr 18, 2013 08:45 GMT

Cybercrime investigation company Group-IB has identified a new type of malware that’s specifically designed to target QUIK, a stock brokerage platform used by many financial institutions worldwide, including ones from Russia such as Sberbank, Alfa-Bank and Promsvyazbank.

The company reveals that, until recently, attacks on online trading and stock brokerage systems were carried out through untrusted or fake partners.

However, in November 2012, Group-IB detected the first “professional malware” designed to target the Quik Dealer and Quik Broker applications, both utilized by one of Russia’s leading stock exchanges, MICEX.

Once it infects a system, the malware checks for the presence of the applications. If they’re detected, it starts recording the user’s activity to extract valuable information.

The screenshots and the credentials recorded by the malware are sent back to a command and control server.