Researchers have observed an uptick in attacks using the banking malware Floki Bot against U.S., Canadian and Brazilian banks, and insurance firms.
Floki Bot, which uses code from the once notorious Zeus banking Trojan, has evolved and unlike its predecessor, is targeting point-of-sale systems via aggressive spear phishing campaigns and the RIG exploit kit.
Cisco Talos and Flashpoint security researchers coordinated the release of reports on Floki Bot on Wednesday. Both firms warn the malware is quickly gaining popularity within Dark Web criminal forums.
“Floki Bot is currently being actively bought and sold on several darknet markets,” wrote Cisco Talos in its report released Wednesday. “It will likely continue to be seen in the wild as cybercriminals continue to attempt to leverage it to attack systems in an aim to monetize their efforts.”