Researchers have found a variant of Ursnif Trojan they said is a v3 build that targets Australian bank customers with new redirection attack techniques. The malware maintains a live connection with the bank s legitimate webpage to ensure that its genuine URL and digital certificate appear in the victim’s address bar. At that point, the malicious actors can use web injections to steal login credentials, authentication codes and other personally identifiable information without tripping the bank’s fraud detection mechanisms, researcher Limor Kessem said.
Source: https://threatpost.com/ursnif-trojan-adopts-new-code-injection-technique/129072/