"Hackers Targeting Italian Corporate Banking Clients with New Web-Inject Toolkit drIBAN"

Since at least 2019, Italian corporate banking clients have been the target of an ongoing financial fraud campaign involving a new web-inject toolkit called drIBAN. According to Cleafy researchers, the primary objective of drIBAN fraud operations is to infect Windows workstations within corporate environments in an attempt to alter legitimate banking transfers performed by victims by changing the beneficiary and transferring money to an illegitimate bank account. The bank accounts are either controlled by the threat actors or their affiliates, who are then tasked with laundering the stolen funds. Web-injects are a time-tested technique that allows malware to inject custom scripts on the client side via a man-in-the-browser (MitB) attack and intercept traffic to the server. This article continues to discuss the ongoing financial fraud campaign leveraging the new drIBAN web-inject toolkit. 

THN reports "Hackers Targeting Italian Corporate Banking Clients with New Web-Inject Toolkit drIBAN"