A recently discovered banking trojan known as “Sniffthem” or “Tnaket” has made its way onto dark web forums, introduced by a threat actor identified as oliver909 on the Russian-language forum XSS. This malicious software targets various Windows operating systems, from Windows 7 to the latest Windows 11, posing a significant threat to users’ financial information.
Oliver909’s post on June 24, 2024, shed light on the advanced capabilities of the Sniffthem trojan, specifically tailored for financial fraud. One of its key features is HTML injection, allowing it to compromise even SSL-secured websites by injecting malicious code. This method undermines the security of supposedly protected web pages, making it easier for cybercriminals to steal sensitive data.
In addition, Sniffthem includes a credit card grabber feature, enabling it to quietly capture credit card details through fake web pages. This stealthy technique ensures that both users and security measures remain unaware of the data theft. Moreover, the trojan is compatible with a wide range of web browsers, such as Firefox, Google Chrome, Edge, and Yandex, ensuring its effectiveness across different user environments.
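One way a site can check its own pages for the injected markup and fake card fields described above, added here as an example (it is not code from the original article or from any vendor). It assumes the injection happens inside the victim's browser; the `EXPECTED` manifest, the `form#login` selector, the `bank.example` URLs and the function names are all hypothetical.

```javascript
// Added example: page-side audit for injected fields and scripts.
// EXPECTED is a hypothetical manifest for the site's own login page (constructed values).
const EXPECTED = {
  formAction: "https://bank.example/login",
  fields: ["username", "password", "csrf_token"],
  scriptOrigins: ["https://bank.example"], // assumes the page ships no inline scripts
};

// Reduce a document (or DOM-like object) to the facts the audit needs.
function snapshot(doc) {
  const form = doc.querySelector("form#login");
  return {
    formAction: form ? form.action : null,
    fields: Array.from(doc.querySelectorAll("input, select, textarea"), (el) => el.name),
    scripts: Array.from(doc.querySelectorAll("script"), (el) => el.src || "inline"),
  };
}

// Compare a snapshot with the manifest; every deviation becomes a finding.
function audit(snap, expected = EXPECTED) {
  const findings = [];
  if (snap.formAction !== expected.formAction) {
    findings.push({ type: "form-action", value: snap.formAction });
  }
  for (const name of snap.fields) {
    if (!expected.fields.includes(name)) findings.push({ type: "extra-field", value: name });
  }
  for (const src of snap.scripts) {
    let origin = null;
    try { origin = new URL(src).origin; } catch { /* inline or unparsable src */ }
    if (!expected.scriptOrigins.includes(origin)) findings.push({ type: "script", value: src });
  }
  return findings;
}

// Audit now and, in a browser, again on every DOM change, since injected
// markup can arrive after the page has loaded.
function watch(doc, report) {
  const run = () => { const f = audit(snapshot(doc)); if (f.length) report(f); };
  run();
  if (typeof MutationObserver !== "undefined") {
    new MutationObserver(run).observe(doc.documentElement, { childList: true, subtree: true });
  }
}
```

Malware that controls the browser can also tamper with a script like this, so its reports are one detection signal to correlate server-side, not a guarantee.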
To evade detection, Sniffthem utilizes crypters that encrypt its code, making it challenging for antivirus programs to detect and remove the malware effectively. Oliver909 demonstrated the trojan’s functionalities through a video shared on the forum, showcasing its management panel and user interface designed for seamless control over illegal activities.
Sniffthem is offered on a subscription basis by oliver909, with a monthly cost of USD 600. This pricing strategy makes Sniffthem an attractive option in the cybercriminal marketplace, enticing threat actors seeking to engage in financial fraud schemes.
From a technical perspective, Sniffthem operates as a hidden process and is controlled through a web-based management panel, which, together with its other sophisticated features, gives threat actors remote access to compromised devices for malicious activities. Its compatibility with a wide variety of browsers highlights its adaptability and potential impact on cybersecurity, especially in sectors such as banking, financial services, and insurance, where sensitive data is a prime target.
The emergence of Sniffthem raises concerns for organizations and individuals, particularly in the financial sector. To mitigate risks associated with banking trojans like Sniffthem, companies should prioritize regular software updates, endpoint protection, and employee training to combat phishing attempts effectively.
In conclusion, the advent of Sniffthem underscores the increasing threat posed by sophisticated malware to cybersecurity. It serves as a reminder for individuals and organizations to remain vigilant, adopt best practices, and stay informed about potential cyber threats to safeguard their sensitive information.
