A variant of the infamous banking trojan Zeus has gone beyond targeting financial accounts, instead striving to collect another type of sensitive business data: customer information.
The variant, known as Dyre, is a banking trojan that first came to light in June when security companies warned that the Zeus knockoff found a way to bypass Web encryption, known as secure sockets layer (SSL). At the time, it targeted some of the largest global banks, such as Bank of America, Citibank, Natwest, RBS, and Ulsterbank. A recent version of Dyre, however, has begun targeting Salesforce, a popular cloud service for storing customer information, according to analyses.
Other cloud services could just as easily be targeted, according to security firm Adallom.