The ClipBanker Trojan is known as an information stealer and spy trojan, it aims to steal and record any type of sensitive information from the infected environment such as browser history, cookies, Outlook data, Skype, Telegram, or cryptocurrency wallet account addresses. The main goal of this threat is to steal confidential information.
The ClipBanker uses PowerShell commands for executing malicious activities. The thing that made the ClipBanker unique is its ability to record various banking actions of the user and manipulate them for its own benefit. The distribution method of the ClipBanker is through phishing emails or through social media posts that lure users to download malicious content.
|2022-03-03 ⋅ Trend Micro ⋅ |
IOC Resource for Russia-Ukraine Conflict-Related Cyberattacks
ClipBanker Conti HermeticWiper PartyTicket WhisperGate
|2021-12-23 ⋅ Trustwave ⋅ |
COVID-19 Phishing Lure to Steal and Mine Cryptocurrency
|2020-07-29 ⋅ ESET Research ⋅ |
THREAT REPORT Q2 2020
DEFENSOR ID HiddenAd Bundlore Pirrit Agent.BTZ Cerber ClipBanker CROSSWALK Cryptowall CTB Locker DanaBot Dharma Formbook Gandcrab Grandoreiro Houdini ISFB LockBit Locky Mailto Maze Microcin Nemty NjRAT Phobos PlugX Pony REvil Socelars STOP Tinba TrickBot WannaCryptor
|2020 ⋅ Cynet ⋅ |
Threat Research Report: Clipbanker – 13 Second Attack
|2019-04-30 ⋅ ESET Research ⋅ |
Buhtrap backdoor and Buran ransomware distributed via major advertising platform
Buhtrap ClipBanker RTM
There is no Yara-Signature yet.