KRONOS/Osiris Banking Trojan Attack

Threat Research

The KRONOS malware was first discovered in June 2014 as a Banker Trojan available for purchase in a Russian underground forum for $7,000. After staying dormant for few years, a new variant of KRONOS, known as Osiris, was discovered in July 2018, with three distinct campaigns targeting Germany, Japan, and Poland. The new variant contains features like TOR network command and control (C2), keylogging, and remote control via VNC along with older features like form grabbing and web-injection.