Where does MB stand with GozNym banking trojan?

[SpacePickle]

Hi, I've searched but found no hit for GozNym here.  GozNym is that new publicized hybrid Banking Trojan.  Some internet hits from April said MB did not fully remove it.  Not sure if that means MB found/cleaned the dropper?   Does Malwarebytes protect against GozNym currently? 

I have MB Premium as well as free Anti-Exploit, aside from my primary AV. Thanks.

[daledoc1]

Hello and , @SpacePickle:

We will need to wait for a Malwarebytes staff member (preferably someone from the Research Team) to answer your specific question.

However, name alone is often insufficient, as any piece of malware can be called anything.
Moreover MBAM targets only certain types of malware. Without knowing the precise nature of the beast to which you refer, it's hard to say.

If possible, it might be preferable to submit to the Research Center (NOT here in THIS forum area) an archived sample, as well as a VirusTotal analysis link.
These steps are explained here.
The Research Team staff will evaluate your submitted data and advise you further.

Cheers,

[SpacePickle]

Thank You.

Just FYI- You guys are already aware of GozNym.  Its on your FB I just saw..  Refer to this.

 

 

Edited May 29, 2016 by SpacePickle

[SpacePickle]

So, just hoping for current info from MB whether we are actively protected from this hybrid Trojan, whatever name it is called (currently referred to as "GozNym")

 

Thank You.

[daledoc1]

Thanks for that information.

I am just a home user and forum volunteer. And I don't do FB.

So, as you suggest, the Research Team may already be familiar with this malware.
But only they can comment specifically as to whether MBAM already detects known versions of this malware.

If you post a sample and VT link over in the Research Center, as mentioned, they will be able to provide a more concrete answer.

Thanks again,

[SpacePickle]

Haha, I don't do FB either, just found it in a search and figured I'd just come here for the best information.  Thank you so much for your quick responses.  I will hang on and wait for someone from your team to answer.  Thanks again.

[Maurice Naggar]

Hello,

Yes, the Malwarebytes Anti-Malware Premium does protect against this banking trojan, as well as others.   But the thing is, that everyone needs to practice constant vigilance.

Watch what they "click"  and hopefully, look close before clicking links, etc.   Keep all software apps current, as well, as Windows, the antivirus, and Malwarebytes.

The other part of the safety equation is "you" and all who use your machine.

Follow best practices when browsing the Internet, especially before opening links coming from unknown sources.
Never open attachments that come with unexpected ( out of the blue ) email no matter how enticing.
Never open attachments from the email itself.  Do not double click in the email.  Always Save first  to disc and then scan with antivirus program.

Never click links without first hovering your mouse over the link and seeing if it is going to an odd address   ( one that does not fit or is odd looking or has typos).

Use a Standard user account rather than an administrator-rights account when "surfing" the web.
See more info on Corrine's SecurityGarden Blog http://securitygarden.blogspot.com/p/blog-page_7.html
Dont remove your current login.  Just use the new Standard-user-level one for everyday use while on the internet.

 

Pay close attention when installing 3rd-party programs. It is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed.
Take great care in every stage of the process and every offer screen, and make sure you know what it is you're agreeing to before you click "Next".

Check on other update issues as well, by getting, installing and using Secunia Personal Software Inspector (PSI) on a regular basis.
See How to detect vulnerable and out-dated programs using Secunia Personal Software Inspector
http://www.bleepingcomputer.com/tutorials/tutorial174.html

Keep your system and programs up to date. Several programs release security updates on a regular basis to patch vulnerabilities. Keeping your software patched up prevents attackers from being able to exploit them to drop malware.

Malwarebytes Anti-Exploit provides passive ( background ) protection against zero-day type exploits and Windows exploits & web browser & Java exploits.
We have a free version Malwarebytes Anti-Exploit (MBAE) that protects against exploit attacks.  Install it if you do not already have it on this machine.
"the download link for the setup utility is this"