Banking Trojan
What is Banking Trojan?
Banking TrojanMalware designed to steal online-banking credentials and authorize fraudulent transactions, typically through web injects, form grabbing, or overlays.
A banking trojan is a specialized strain of malware that targets financial applications and online-banking sessions. Once installed it hooks browsers, captures credentials, intercepts MFA codes, and injects fake fields or overlays into legitimate banking pages so that fraudulent transfers appear as user-initiated activity. Many variants act as modular platforms that also load info stealers, ransomware, or other payloads. Distribution is usually via phishing, malicious documents, or trojanized installers. Defences include reputation-based browser protection, anti-malware with behavioural detection, transaction-anomaly monitoring at banks, MFA bound to hardware keys, and isolating banking activity on dedicated, hardened devices.
● Examples
- 01
Emotet, originally a banking trojan, later evolving into a loader for other crimeware.
- 02
TrickBot injecting fake login fields into corporate banking portals.
● Frequently asked questions
What is Banking Trojan?
Malware designed to steal online-banking credentials and authorize fraudulent transactions, typically through web injects, form grabbing, or overlays. It belongs to the Malware category of cybersecurity.
What does Banking Trojan mean?
Malware designed to steal online-banking credentials and authorize fraudulent transactions, typically through web injects, form grabbing, or overlays.
How do you defend against Banking Trojan?
Defences for Banking Trojan typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Banking Trojan?
Common alternative names include: E-banking trojan, Bankbot.