A new wave of SAP attacks could crash down on enterprises after the discovery of an old banking Trojan had been modified. Trojanibank was modified to look for SAP GUI installations on infected endpoints. Trojan ibank’s password-stealing functionality could be for the purpose of gathering information that could be sold to third parties on the black market. Only 15 percent of SAP routers available on the Internet were patched, says Alexander Polyakov, co-founder and CTO of ERPScan. Business-critical applications are at the heart of most business processes and could make or break the viability of the business.”]
Source: https://www.darkreading.com/attacks-breaches/is-a-tsunami-of-sap-attacks-coming-