Web Injection and Banking Trojan Malware -A Systematic Literature Review

Outlet Title

6th International Conference on Information and Computer Technologies

Authors

Cherie Noteboom, Dakota State UniversityFollow
Tjada Nelson, Dakota State University
Cory A. Nance, Dakota State University

Document Type

Conference Proceeding

Publication Date

2023

Abstract

Banking trojan malware focuses on stealing credentials for financial services. A common technique used to facilitate this theft is web injection. Web injects work by modifying web page code or intercepting user input within a browser. Multiple papers in the literature discuss web injects and banking trojan malware; however, this paper extends the existing literature by answering key questions related to web inject usage in banking trojan malware.Specifically, this paper systematically analyzes the available literature to describe which threat actors use banking trojans, identify the malware families employing web injects, enumerate web injection techniques, and define the victims of banking trojans. To answer these questions, a 3-phase systematic literature review was conducted. In total 258 articles were reviewed and analyzed using a custom classification schema. The analysis revealed that web injects in banking malware trojans are a large threat in the cyber landscape.

Recommended Citation

Noteboom, Cherie; Nelson, Tjada; and Nance, Cory A., "Web Injection and Banking Trojan Malware -A Systematic Literature Review" (2023). Research & Publications. 378.
https://scholar.dsu.edu/bispapers/378