An untold story of a Spy

Diwakar Kumar Dinkar & Rahamathulla Hussain, McAfee Labs

The cyber security is evolving over a period adapting new technologies to stop computer threats. At the same time, these cyber threats are also evolving rapidly, developing new techniques to evade detection from security products. In cybersecurity industry, we have been watching every year that there is a huge rise in Ransomware but this year Info-stealer played some vital roles in stealing financial details from customer.

This Paper will present behavior and the complete technical details of Ursnif in a quick view. We will focus on the reason, why these malware authors give more preference to Info-stealer instead of other malwares. A short overview about the history of this, its infection vector and complete working principle.

This presentation will also share about their campaigns, url patterns and the secrets behind the sustenance of Ursnif which involves the use of mail-slot, process hallowing components for successful exploitation to inject the code into legitimate Process and steals the victim Banking credentials successfully.

We will conclude on why authors giving importance to Info-stealer Trojan nowadays. We also conclude by saying that how to prevent and protect yourself from these types of Info-stealer.

Diwakar Kumar Dinkar

Rahamathulla Hussain

The Dynamic Security Ecosystem
Other Topics