Bank-targeting malware disguises itself as video conferencing software

IBM says the Vizom malware is spreading through spam-based phishing campaigns

Red skull and crossbones atop binary code

IBM Security researchers have discovered a new form of malware targeting online banking users in Brazil.

Dubbed Vizom, the malware disguises itself as popular video conferencing software and uses convincing remote overlays to take over user devices in real-time.

Research shows that hackers are delivering the malware via spam-based phishing email campaigns. According to IBM Security researchers Chen Nahman, Ofir Ozer and Limor Kessem, the new malware also uses remote overlay techniques and DLL hijacking to evade detection. 

Once embedded on a compromised PC, Vizom forms an infection chain through dynamic link library (DLL) hijacking - it force-loads malicious DLLs by naming its Delphi-based variants with unsuspecting file names found in directories of legitimate videoconferencing software. In Brazil’s case, the DLL is Cmmlib.dll, a file associated with Zoom.

What happens next is stealthy and treacherous. During an ongoing online transaction, the malware connects remotely to the compromised PC. It creates potent and believable HTML overlays and loads them in the Vivaldi internet browser in application mode. It then launches a keylogger that logs the user’s every keystroke when accessing their bank account. The malware then ships the acquired information to the attacker's command-and-control (C2) server. 

Vizom can also abuse Windows API functions, simulate mouse clicks and take screenshots.

There are no reports of hijacking in the US, but attacks have been observed across South America and Europe. 

Featured Resources

Defeating ransomware with unified security from WatchGuard

How SMBs can defend against the onslaught of ransomware attacks

Free download

The IT expert’s guide to AI and content management

How artificial intelligence and machine learning could be critical to your business

Free download

The path to CX excellence

Four stages to thrive in the experience economy

Free download

Becoming an experience-based business

Your blueprint for a strong digital foundation

Free download

Recommended

Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

17 Sep 2021
How do hackers choose their targets?
hacking

How do hackers choose their targets?

17 Sep 2021
Owner of DDoS for hire sites found guilty of hacking offences
distributed denial of service (DDOS)

Owner of DDoS for hire sites found guilty of hacking offences

17 Sep 2021
Microsoft brings passwordless security to consumer accounts
Microsoft Windows

Microsoft brings passwordless security to consumer accounts

16 Sep 2021

Most Popular

Zoom: From pandemic upstart to hybrid work giant
video conferencing

Zoom: From pandemic upstart to hybrid work giant

14 Sep 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
Google takes down map showing homes of 111,000 Guntrader customers
data breaches

Google takes down map showing homes of 111,000 Guntrader customers

2 Sep 2021