The Ursnif malware has become the latest malware to shed its roots as a banking trojan to revamp itself into a generic backdoor capable of delivering next-stage payloads, joining the likes of Emotet, Qakbot, and TrickBot.
« This is a significant shift from the malware’s original purpose to enable banking fraud, but is consistent with the broader threat landscape, » Mandiant researchers Sandor

The Ursnif malware has become the latest malware to shed its roots as a banking trojan to revamp itself into a generic backdoor capable of delivering next-stage payloads, joining the likes of Emotet, Qakbot, and TrickBot.
« This is a significant shift from the malware’s original purpose to enable banking fraud, but is consistent with the broader threat landscape, » Mandiant researchers Sandor