{"id":24690,"date":"2019-01-25T13:03:31","date_gmt":"2019-01-25T13:03:31","guid":{"rendered":"http:\/\/4efdf4a5-860e-4b7a-9d9e-0233e0e094a7"},"modified":"2019-01-25T13:03:31","modified_gmt":"2019-01-25T13:03:31","slug":"this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\/","title":{"rendered":"This old trojan learns new tricks in its latest banking info and password-stealing campaign"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/zdnet2.cbsistatic.com\/hub\/i\/r\/2017\/08\/02\/38dee802-1ef7-4687-aa6c-56fbd6420104\/thumbnail\/770x578\/03dbbebb5a01cd732e44dd10d90bbaab\/istock-hacker-with-phone-and-keyboard.jpg\" class=\"ff-og-image-inserted\"\/><\/div>\n<p>An infamous form of banking trojan malware with a history going back over a decade has been updated with additional infection techniques as part of a new campaign targeting financial data and passwords.<\/p>\n<div class=\"relatedContent alignRight\">\n<h3 class=\"heading\"><span class=\"int\">More security news<\/span><\/h3>\n<\/div>\n<p>Ursnif is one of the most popular families of Windows banking trojans deployed by cyber criminals and the code behind it has been active in one form or another since at least 2007 when it first emerged in the Gozi banking trojan.<\/p>\n<p>Gozi&#8217;s source code was leaked in 2010, leading to <a href=\"https:\/\/www.zdnet.com\/article\/goznym-the-double-headed-malware-monster-targeting-us-banks\/\">several different versions of the malware emerging<\/a> and targeting banks. Arguably the most successful versions of malware using Gozi&#8217;s source-code, Ursnif is still being actively developed and deployed 12 years on from when the threat first appeared.<\/p>\n<p>Uncovered by <a href=\"https:\/\/blog.talosintelligence.com\/2019\/01\/amp-tracks-ursnif.html\" target=\"_blank\" rel=\"noopener noreferrer\">researchers at Cisco Talos<\/a>, the latest Ursnif campaign is distributed in the same way as many other forms of malware \u2014\u00a0<a href=\"https:\/\/www.zdnet.com\/article\/phishing-attacks-why-is-email-still-such-an-easy-target-for-hackers\/\" target=\"_blank\">in phishing emails<\/a>, containing malicious attachments. In this instance, the user is encouraged to open a Microsoft Word document, which presents them with instructions to &#8216;enable content&#8217; to see what is inside.<\/p>\n<p>This is a ploy to trick the user into enabling macros, which allows <a href=\"https:\/\/www.zdnet.com\/article\/a-question-of-security-what-is-obfuscation-and-how-does-it-work\/\">obfuscated code<\/a> to be executed and ultimately leads to the system being compromised by the malware.<\/p>\n<p>However, Ursnif isn&#8217;t downloaded straight from the malicious document, rather the obfuscated code runs a PowerShell command, which in turn leads to a second PowerShell command that then downloads an Ursnif executable from a command and control server to the victim&#8217;s AppData directory.<\/p>\n<p><strong>SEE:\u00a0<a href=\"http:\/\/www.zdnet.com\/topic\/a-winning-strategy-for-cybersecurity\/\">A winning strategy for cybersecurity<\/a>\u00a0(ZDNet special report) |\u00a0<a href=\"https:\/\/www.techrepublic.com\/resource-library\/whitepapers\/a-winning-strategy-for-cybersecurity-free-pdf\/\" target=\"_blank\" rel=\"noopener noreferrer\">Download the report as a PDF<\/a>\u00a0(TechRepublic)<\/strong><\/p>\n<section class=\"sharethrough-top\" data-component=\"medusaContentRecommendation\" data-medusa-content-recommendation-options=\"{&quot;promo&quot;:&quot;promo_ZD_recommendation_sharethrough_top_in_article_desktop&quot;,&quot;spot&quot;:&quot;dfp-in-article&quot;}\">\n<\/section>\n<p>By distributing the malware in this way, it makes it more difficult for the malicious activity to be spotted, increasing the chances of a successful infection as it often can&#8217;t be discerned from normal traffic \u2014 although Cisco Talos uncovered the campaign after its exploit-prevention engine picked up and prevented an attack at this point.<\/p>\n<p>If the execution of Ursnif gets to the AppData directory, it uses Windows Management Instrumentation Command-line (WMIC) to execute PowerShell and ultimately run the code for retrieving and injecting the malware into the system.<\/p>\n<p>Following a successful installation, Ursnif makes requests to a command and control server, with the data put into a compressed CAB file prior to being exfiltrated from the machine, providing attackers with the means of stealing information, banking information, login details and more.<\/p>\n<p>Ursnif <a href=\"https:\/\/www.zdnet.com\/article\/hackers-are-testing-out-this-updated-banking-malware-with-added-stealthy-attacks\/\">is regularly updated with new attack techniques<\/a> and this appears to be just the latest in a long line of changes made to the malware in order to make it more effective.<\/p>\n<p>Cisco Talos has published the Indicators of Compromise for the latest version of Ursnif <a href=\"https:\/\/blog.talosintelligence.com\/2019\/01\/amp-tracks-ursnif.html\" target=\"_blank\" rel=\"noopener noreferrer\">in their analysis of the malware<\/a>.<\/p>\n<p><strong>READ MORE ON CYBER CRIME<\/strong><\/p>\n<p>READ MORE <a href=\"https:\/\/www.zdnet.com\/article\/this-old-trojan-learns-new-tricks-in-its-latest-banking-data-and-password-stealing-campaign\/#ftag=RSSbaffb68\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>This banking trojan has a long history, but it&#8217;s still going strong &#8211; and still being updated.<br \/>\nREAD MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":24691,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[62],"tags":[],"class_list":["post-24690","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-zdnet-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>This old trojan learns new tricks in its latest banking info and password-stealing campaign 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"This old trojan learns new tricks in its latest banking info and password-stealing campaign 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2019-01-25T13:03:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"770\" \/>\n\t<meta property=\"og:image:height\" content=\"578\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"This old trojan learns new tricks in its latest banking info and password-stealing campaign\",\"datePublished\":\"2019-01-25T13:03:31+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\\\/\"},\"wordCount\":474,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign.jpg\",\"articleSection\":[\"ZDNet | Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\\\/\",\"name\":\"This old trojan learns new tricks in its latest banking info and password-stealing campaign 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign.jpg\",\"datePublished\":\"2019-01-25T13:03:31+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign.jpg\",\"width\":770,\"height\":578},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"This old trojan learns new tricks in its latest banking info and password-stealing campaign\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"This old trojan learns new tricks in its latest banking info and password-stealing campaign 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\/","og_locale":"en_US","og_type":"article","og_title":"This old trojan learns new tricks in its latest banking info and password-stealing campaign 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2019-01-25T13:03:31+00:00","og_image":[{"width":770,"height":578,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"This old trojan learns new tricks in its latest banking info and password-stealing campaign","datePublished":"2019-01-25T13:03:31+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\/"},"wordCount":474,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign.jpg","articleSection":["ZDNet | Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\/","url":"https:\/\/www.threatshub.org\/blog\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\/","name":"This old trojan learns new tricks in its latest banking info and password-stealing campaign 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign.jpg","datePublished":"2019-01-25T13:03:31+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign.jpg","width":770,"height":578},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/this-old-trojan-learns-new-tricks-in-its-latest-banking-info-and-password-stealing-campaign\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"This old trojan learns new tricks in its latest banking info and password-stealing campaign"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/24690","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=24690"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/24690\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/24691"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=24690"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=24690"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=24690"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}