The SLoad malware started infecting computers in Canada and UK only. However, in the final months of 2018, it started infecting computers in Italy. The perpetrators of the Sload attack have been using it to collect information and take screenshots of the infected machine's desktop, gathers a list of the processes been executed, and looks for Citrix-related files and Outlook. To help it to accomplish its tasks, Sload installs the Ramnit Trojan, which is a well-known banking Trojan. Threats like Sload are very versatile, and this is what makes them popular among cybercriminals since using it they can execute Man-in-the-Middle attacks, deliver ransomware or a banking Trojan, which is the case with Sload. Sload is spread via geofencing and corrupted email attachments.
Threats like Sload are very common and, although all the efforts from the security community, new ones keep been created, updated and delivered every day. The only thing computer users and admins can do to contribute with them is to try to avoid these infections by having an updated security program running all the time.