A Russian-speaking cybercrime group was observed combining powerful infostealing malware with typosquatted domains to steal(opens in new tab) login data for banking sites. The campaign was spotted by cybersecurity experts Hold Security, and reported on by KrebsOnSecurity.
According to the report, the group known as The Disneyland Team, is targeting people infected with a powerful banking malware called Gozi 2.0 (AKA Ursnif), which can steal computer data, harvest user credentials and financial information, and deploy additional malware.
