Banking malware using a variety of tricks to evade detection
A new report from the Arbor Security Engineering and Response Team (ASERT) sheds light on how the sophisticated banking malware known as Neverquest or Vawtrak is able to evade detection, by using encryption, anonymous routers, and even steganography.
“Neverquest is something we investigated because of its impact on the financial industry,” said Kirk Soluk, manager of threat intelligence and responses at Arbor Networks. “Turns out, it’s quite a sophisticated piece of malware. It does a lot of things to make it difficult for researchers to figure out how it works.”