There are several legitimate “as-a-service” models out there from legitimate companies, designed to help thwart bad actors from performing dangerous cybersecurity attacks.  But these models are also being used by threat actors to perform malicious attacks on unsuspecting victims in the effort to acquire a payday, or sensitive information.

A recent threat wreaking havoc is a MaaS attack, or “Malware-as-a-Service” attack, called Nexus. The attack specifically targets the banking data of its intended victims. The MaaS project, which is said to be under “continuous development”, is available for criminals to access at a cost of $3,000 per month.

Using Nexus, the bad actors can use the MaaS kit to steal passwords for banking apps. Those who use two-factor authentication on their banking apps aren’t even necessarily safe as certain accessibility features such as SMS codes and Authenticator codes can be accessed by the Trojan.

Once Nexus is installed on the victim’s device, it connects to a C2 server, providing a C2 panel for criminals to perform their attack and access stolen data.

Nexus is a new threat, and although researchers agree that it has similarities to previous Trojans that were designed to carry out the same type of attack, this is a new threat operated by a different group. Nexus also promises continuous development, which makes this Malware-as-a-Service threat one to monitor going forward. If you aren’t already protecting your online banking information with multiple layers of security, now might be the time to do so.

Story via TechRadar