{"id":36845,"date":"2020-08-28T15:38:00","date_gmt":"2020-08-28T15:38:00","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/31526\/Trojan-Infects-NCR-Posing-Risk-To-Supply-Chain.html"},"modified":"2020-08-28T15:38:00","modified_gmt":"2020-08-28T15:38:00","slug":"trojan-infects-ncr-posing-risk-to-supply-chain","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/trojan-infects-ncr-posing-risk-to-supply-chain\/","title":{"rendered":"Trojan Infects NCR, Posing Risk To Supply Chain"},"content":{"rendered":"
\n
String of ATMs seen at Hartsfield-Jackson Atlanta International Airport. A trojan infected NCR Corporation, potentially posing a supply chain risk to customers of the popular point-of-sale and ATM software developer.(Photo by: Jeffrey Greenberg\/Universal Images Group via Getty Images)<\/figcaption><\/figure>\n

NCR Corporation has confirmed to SC Media that it found malware-infected computers in an isolated non-production lab environment outside of the U.S., but claims its clients were never at risk of a secondary infection. <\/p>\n

The confirmation came after the CEO of cybersecurity firm Prevailion exclusively told SC Media that a trojan had infected the popular point-of-sale and ATM software developer, and expressed concern that this could potentially pose a supply-chain risk to customers. <\/p>\n

Prevailion CEO Karim Hijazi identified the malware as Lethic, an old botnet threat that dates back to roughly 2008. While traditionally it has been used to distribute spam, it has full trojan capabilities including remote access, lateral movement, and the downloading of additional payloads. While Lethic is not new to the scene, Hijazi noted that often such malwares are repackaged so that conventional anti-virus tools won\u2019t catch them. <\/p>\n

Hijazi said Prevailion, which monitors criminal command-and-control infrastructure for confirmed compromise activity, witnessed more than 180 days of C2 beaconing activity stemming from an IP address traced to NCR in Atlanta, home to the tech company\u2019s headquarters. <\/p>\n

\u201cIt\u2019s been going on for an incredibly long time from our perspective\u2026 and it looks like there\u2019s been even an uptick in terms of the frequency and cadence lately,\u201d said Hijazi, noting that Prevailion has counted approximately 242,000 C2 beacons received from NCR\u2019s IP address over the course of the infection.  <\/p>\n

\n
<\/figure>\n<\/div>\n

\u201cIt has consistently moved up to a severe state, from our perspective, because\u2026 the longer something has time to persist in an environment, the more severe it actually is, because it has more time to do damage and has more doors that it can open up,\u201d Hijazi continued. <\/p>\n

In an official statement from the company, NCR disputed aspects of Prevailion\u2019s findings, saying \u201cWe have no evidence of actual command-and-control traffic leaving our network.\u201d Prevailion has held firm on its initial assessment, however.<\/p>\n

NCR\u2019s assertion that the infection took place outside the U.S. also runs contrary to Prevailion\u2019s statement that the malicious activity was traced to an NCR IP address in Atlanta. But NCR CISO Bob Varnadoe had an explanation for this: \u201cI can\u2019t get into the specifics of how our internal network operate, but\u2026 all of the IP addresses assigned to the company are registered under NCR\u2019s name with our corporate headquarters address,\u201d said Varnadoe. \u201cSo what might look like \u2013 from the registration information \u2013 Atlanta, Georgia, is just because that\u2019s our headquarters address.\u201d <\/p>\n

In its statement, NCR said that it\u2019s taking the infection seriously and \u201cworking with cyber security risk management and network experts to assess\u201d the situation. <\/p>\n

The statement continues: \u201cAll NCR systems and operations are functioning normally. Additionally, we have no indication that our supply chain distribution facilities or customers have been impacted. These computers are not part of our supply chain networks. Furthermore, our production and distribution facilities including but not limited to POS and ATM are on separate networks with comprehensive security controls, including malware protection.\u201d<\/p>\n

This is significant because Hijazi had expressed concern that the trojan could have compromised NCR in such a way to spread malware to the $6.92 billion company\u2019s clients \u2013 perhaps through trojanized POS or ATM software updates.<\/p>\n

\u201cAny organization they may be connected to could also be impacted, so this is a contagious scenario,\u201d said Hijazi prior to NCR\u2019s statement. \u201cThat infection could island hop effectively from them to another party or vice versa \u2013 they may have contracted it from others. We don\u2019t really know. The concerning part of this is that, obviously, any organization sharing data with someone like NCR could run the risk of having that data stolen by way of these tools.\u201d <\/p>\n

Prevailion had not alerted NCR of the infection, but SC Media reached out to the company to disclose the issue and request comment. <\/p>\n

Varnadoe did not confirm if the affected computers were infected with Lethic, what kind of activities the malware was engaged in, and what kinds of data might have been accessible through the compromised lab environment. \u201cWe still have analysis ongoing. What we saw was DNS request traffic. At no time did we actually see command-and-control traffic,\u201d he said. <\/p>\n

Asked by SC Media if the non-production lab is not the type of environment that would likely involve customer or client information, Varnadoe replied, \u201cCorrect.\u201d Asked if data related to internal projects, lab work or intellectual property may have been put at risk, Varnadoe said, \u201cI probably have to get back to you on that conclusion that at this point.\u201d When further pressed, he added, \u201cI think we need to do more analysis, before I feel comfortable commenting on that.\u201d<\/p>\n

Prevalion followed up with SC Media on late Friday, revealing that the company has been in contact with NCR\u2019s security team and incident team. While Hijazi said the company applauds NCR \u201cfor their quick and diligent response to the compromise,\u201d he also said that \u201cwe do disagree with some of the public comments they have made about this compromise.\u201d <\/p>\n

When NCR claims there is no evidence of C2 traffic leaving its network, \u201cwhat NCR is overlooking is that these DNS requests are successfully being collected outside of their network, by us as well as the adversary,\u201d said Hijazi. \u201cWe are not the only ones seeing this call. It is likely calling to a round-robin of C2s. The reason why NCR may not see this as complete communications with the C2 is because Prevailion does not reply to the beacon requests. We simply passively collect them. Since there were no apparent resolutions to the DNS requests, there is no way NCR could determine these requests were successful.\u201d <\/p>\n

Earlier this month, Prevailion publicly reported that it also saw evidence of a network compromise and malware infection<\/a> at the cruise operator Carnival for a period spanning from Feb. 2 through June 6, 2020.  <\/p>\n

This story was edited from the original version to incorporate comments from NCR<\/em> and follow-up comments from Prevailion.<\/em><\/p>\n<\/p><\/div>\n

\n

Topics:<\/h2>\n

Cybercrime<\/a> Malware<\/a> <\/section>\n

READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

READ MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":36846,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[2937],"class_list":["post-36845","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinemalwarebanktrojancybercrimefraud"],"yoast_head":"\nTrojan Infects NCR, Posing Risk To Supply Chain 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/trojan-infects-ncr-posing-risk-to-supply-chain\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Trojan Infects NCR, Posing Risk To Supply Chain 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/trojan-infects-ncr-posing-risk-to-supply-chain\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-08-28T15:38:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/trojan-infects-ncr-posing-risk-to-supply-chain.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"683\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/trojan-infects-ncr-posing-risk-to-supply-chain\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/trojan-infects-ncr-posing-risk-to-supply-chain\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Trojan Infects NCR, Posing Risk To Supply Chain\",\"datePublished\":\"2020-08-28T15:38:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/trojan-infects-ncr-posing-risk-to-supply-chain\\\/\"},\"wordCount\":1068,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/trojan-infects-ncr-posing-risk-to-supply-chain\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/trojan-infects-ncr-posing-risk-to-supply-chain.jpg\",\"keywords\":[\"headline,malware,bank,trojan,cybercrime,fraud\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/trojan-infects-ncr-posing-risk-to-supply-chain\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/trojan-infects-ncr-posing-risk-to-supply-chain\\\/\",\"name\":\"Trojan Infects NCR, Posing Risk To Supply Chain 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/trojan-infects-ncr-posing-risk-to-supply-chain\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/trojan-infects-ncr-posing-risk-to-supply-chain\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/trojan-infects-ncr-posing-risk-to-supply-chain.jpg\",\"datePublished\":\"2020-08-28T15:38:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/trojan-infects-ncr-posing-risk-to-supply-chain\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/trojan-infects-ncr-posing-risk-to-supply-chain\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/trojan-infects-ncr-posing-risk-to-supply-chain\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/trojan-infects-ncr-posing-risk-to-supply-chain.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/trojan-infects-ncr-posing-risk-to-supply-chain.jpg\",\"width\":1024,\"height\":683},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/trojan-infects-ncr-posing-risk-to-supply-chain\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,malware,bank,trojan,cybercrime,fraud\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinemalwarebanktrojancybercrimefraud\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Trojan Infects NCR, Posing Risk To Supply Chain\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Trojan Infects NCR, Posing Risk To Supply Chain 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/trojan-infects-ncr-posing-risk-to-supply-chain\/","og_locale":"en_US","og_type":"article","og_title":"Trojan Infects NCR, Posing Risk To Supply Chain 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/trojan-infects-ncr-posing-risk-to-supply-chain\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-08-28T15:38:00+00:00","og_image":[{"width":1024,"height":683,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/trojan-infects-ncr-posing-risk-to-supply-chain.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/trojan-infects-ncr-posing-risk-to-supply-chain\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/trojan-infects-ncr-posing-risk-to-supply-chain\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Trojan Infects NCR, Posing Risk To Supply Chain","datePublished":"2020-08-28T15:38:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/trojan-infects-ncr-posing-risk-to-supply-chain\/"},"wordCount":1068,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/trojan-infects-ncr-posing-risk-to-supply-chain\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/trojan-infects-ncr-posing-risk-to-supply-chain.jpg","keywords":["headline,malware,bank,trojan,cybercrime,fraud"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/trojan-infects-ncr-posing-risk-to-supply-chain\/","url":"https:\/\/www.threatshub.org\/blog\/trojan-infects-ncr-posing-risk-to-supply-chain\/","name":"Trojan Infects NCR, Posing Risk To Supply Chain 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/trojan-infects-ncr-posing-risk-to-supply-chain\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/trojan-infects-ncr-posing-risk-to-supply-chain\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/trojan-infects-ncr-posing-risk-to-supply-chain.jpg","datePublished":"2020-08-28T15:38:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/trojan-infects-ncr-posing-risk-to-supply-chain\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/trojan-infects-ncr-posing-risk-to-supply-chain\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/trojan-infects-ncr-posing-risk-to-supply-chain\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/trojan-infects-ncr-posing-risk-to-supply-chain.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/trojan-infects-ncr-posing-risk-to-supply-chain.jpg","width":1024,"height":683},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/trojan-infects-ncr-posing-risk-to-supply-chain\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,malware,bank,trojan,cybercrime,fraud","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinemalwarebanktrojancybercrimefraud\/"},{"@type":"ListItem","position":3,"name":"Trojan Infects NCR, Posing Risk To Supply Chain"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/36845","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=36845"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/36845\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/36846"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=36845"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=36845"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=36845"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}