ThreatSTOP Blog

Panda Banker - Expanding coverage

Written by Irena Damsky | May 8, 2016

The Panda Banker banking Trojan, recently uncovered by Fox IT, is related to one of the most famous and destructive banking Trojans in history, Zeus. The Panda Banker is designed to collect victim's login information and online banking credentials and is currently being used to target banking customers in the United Kingdom and Australia. Like its predecessor, the Panda Banker integrates more advanced persistence, infection strategies and modules, which makes the Panda Banker a considerable threat to its victims.

After The ThreatSTOP security team manually investigated the associated malicious domain addresses based on an initial report by Proofpoint, our analysis further discovered 35 infected IP addresses, while the original report only mentioned three domains. This IP address was also found to have been associated with over 20 domains beginning in April and continuing until May 1st, many of which had already been designated as threats.

Threat STOP customers are protected against the Panda Banker Trojan