Once used to hack banks, IcedID Trojan attacks now target retailers

IBM has issued a warning that cyber criminals are now using the IcedID Trojan attack method to target retailers. This method was initially deployed to defraud banks’ customers by inserting fake forms into an online banking site and prompting users to, for instance, type in the expiration date of their bank card or their PIN code. With the rise of e-commerce, online retailers have also become a tempting target for hackers that seek to steal data and make fraudulent transactions.

IBM believes that cyber criminals behind the latest attacks are based in Eastern Europe, although they mostly target companies in the US. And despite these and many other threats, retailers are yet to ramp up their online defence systems. For instance, a report by SecurityScorecard found that the quality of cybersecurity protection in the retail sector was second to last of all industries tracked.