Panda

Yet another Zeus variant, Panda was first discovered in Brazil in 2016, around the time of the Olympic games. Panda uses many of the traditional techniques from Zeus, including man-in-the-browser (MITB) attacks and keylogging, but sets itself apart through its advanced stealth capabilities. This has made analyzing the malware more difficult. As of 2017, Panda was able to detect 23 forensic analytic tools and it is possible that it now detects even more.54 Like many other banking trojans, Panda has expanded its target list beyond just financial services institutions, and in 2018 was caught targeting cryptocurrency exchanges and social media websites. Moving to 2019, Panda continued to expand its scope. The March 2019 campaign exclusively targeted US-based companies, many of which are in the web services industry. Panda remains active; its stealth capabilities make it a unique malware family that continues to evade anti-virus software.