What is IcedID?
IcedID (MITRE ATT&CK software ID S0483) is a sophisticated banking trojan used for financial fraud. Its complex, modular code makes IcedID difficult to detect and remove.
IcedID targets the customers of financial institutions to steal login credentials and credit card numbers, which are then used for fraudulent transactions. Once installed, IcedID can also act as a dropper, downloading additional malware such as ransomware and launching further attacks.
How to Defend Against IcedID?
Defending against the IcedID trojan requires preventing its initial infection and detecting its malicious network activity.
- Be cautious with email attachments and links, as phishing is a primary delivery vector for this trojan.
- Keep all operating systems and software patched to limit the vulnerabilities that can be exploited for initial access.
- Deploy endpoint detection and antivirus to identify and block the execution of the banking trojan and its modules.
- Use network detection and response (NDR) with integrated threat intelligence to spot and block command-and-control (C2) communications associated with IcedID.