IBM security Discovered a Malware family called ” Dridex’s ” with samples of version 4.0 of the infamous fully integrate Dangerous Auto Bombing banking trojan (Dridex v4). Dridex v4 Reported as the only Trojan has encountered to use Atom-bombing . IBM X-Force said it is already in use in active campaigns against U.K. banks . But […]
The cyber criminal community widely depends on phishing scams to target unsuspected users, that’s why these attacks are not only increasing but also adding sophisticated means to trick users into giving away their personal and financial details. Recently, security researchers at Cyren discovered a phishing scam targeting banking and digital payment customers worldwide. The targeted platforms […]
The new Android banking malware ESET recently discovered on Google Play was spotted in the wild again, targeting more banks. Further investigation of this resurfacing threat has uncovered its code was built using source code that was made public a couple of months ago. The previous version was detected by ESET as Trojan.Android/Spy.Banker.HU (version 1.1 […]
Today, we have released a white paper on RTM, a cybercrime group that has been relentlessly targeting businesses in Russia and neighboring countries using small, targeted campaigns. This group, active since at least 2015, is using malware, written in Delphi, to spy on its victims in a variety of ways, such as monitoring keystrokes and […]
Cyber-security researchers at Securify, a Dutch security firm, have been evaluating the Marcher Android banking Trojan for the past six months. They have come to the conclusion that Marcher has been there since 2013 and its attacking tactics have been evolving since then. Until now, the Trojan has managed to infect thousands of Android devices […]
It starts with a phishing attack over SMS, continues with a bad app and ends with your stolen bank account. Android-targeting banking Trojan Marcher is on the rise, infecting devices via a phishing attack using SMS/MMS, gaining extensive privileges, displaying an overlay window to your banking app and collecting all your data, all the while […]
First observed in July 2014, “Dridex,” a financial banking Trojan, is considered the successor to the “GameOver ZeuS” (GoZ) malware. • Dridex was most active between 2014 and 2015, and smaller campaigns were observed throughout 2016 with its peak activity in May 2016. • On January 25, 2017, the criminal syndicate behind Dridex launched another […]
Every other horrific information for Android customers — supply code for another Android banking malware has been leaked online thru an underground hacking discussion board. This newly located banking Trojan is designed to steal cash from bank money owed of Android gadgets’ proprietors by means of gaining administrator privileges on their smartphones. Seemingly, it will […]
Carbanak – one of the maximum a hit cyber criminal gangs ever that’s acknowledged for the theft of 1 billion dollars from over 100 banks throughout 30 countries lower back in 2015 – is returned with a BANG! The Carbanak cyber gang has been observed abusing diverse Google services to problem command and manage (C&C) […]
Zscaler experts have found in the wild a fake version of the Super Mario Run Android App that could install the Android Marcher banking trojan. Bad news for mobile gamers, security experts at Zscaler have spotted a strain of the Android Marcher Trojan masqueraded as the recently released Super Mario Run mobile game for Apple’s iOS. Marcher is a sophisticated banking […]
Hackers have started a new campaign in which they have chosen WhatsApp as the primary malware-distributing platform. In this campaign, hackers are distributing the malware through 2 files namely “NDA-ranked-8th-toughest-College-in-the-world-to-get-into.xls” and “NIA-selection-order-.xls” respectively. These files are being circulated via WhatsApp in the form of authentic word files obtaining sensitive information from users which include online […]
The current generation of Android banking trojans are all equipped with ransomware-like features in order to lock the user’s device, and in some cases encrypt his data. Despite possessing such dangerous functions, very few Android banking trojans deploy them, focusing on their primary job of collecting login credentials for banking portals and instant messaging applications. […]
Just a couple of weeks ago we reported about “Gooligan” attack affecting millions of Android devices worldwide. Now, Comodo Threat Research Labs have identified a new malware Tordow v2.0 which is the first mobile banking Trojan created specifically for Android devices affecting users in Russia. It has become a serious threat for Android users because […]
A group of malware authors has come up with a new method of transcending an infection from the user’s computer to his Android smartphone. Discovered by security researchers from BadCyberLabs, the initial infection is with the ISFB (also known as Gozi2) banking trojan, while the second-stage infection was via the Marcher Android banking trojan. ISFB […]
New Android.Fakebank.B variants use social engineering to bypass a battery-saving process and stay active in the background. Recent variants of Android.Fakebank.B have been updated to work around the battery-saving process Doze. The variants display a pop-up message asking the user to add the threat to the Battery Optimizations exceptions whitelist. If this technique works, then […]
Banking Trojans usually look for and exploit unidentified or overlooked vulnerabilities in web browsers. That’s because web browsers let these trojans infect a larger number of devices by expanding their exposure across the globe. The same has happened in this particular case where an Android banking Trojan codenamed as Svpeng used Chrome browser’s vulnerability to […]
Malicious ads exploited zero-day flaw in Android that auto downloaded files. Google has shut down an operation that combined malicious AdSense advertisements with a zero-day attack exploiting Chrome for Android to force devices to download banking fraud malware. Over a two-month span, the campaign downloaded the Banker.AndroidOS.Svpeng banking trojan on about 318,000 devices monitored by […]
Security researchers warn that a bogus Flash Player app aimed at Android mobile devices has surfaced and is luring victims to download and install banking malware that steals credit card information and can defeat two-factor identification schemes. Wells Fargo, Discovery Financial and Chase customers, along with services such as Skype, Snapchat and Facebook are targeted in these […]
We recently published an overview blog about the CloudFanta malware campaign that uses the Sugarsync cloud storage app to deliver malware capable of stealing user credentials and monitoring online banking activities. This blog will detail the technical aspects of CloudFanta. Although CloudSquirrel and CloudFanta malware are not similar, we believe that both malware campaigns are […]
In the first half of 2016 we noticed that Android banking Trojans had started to improve their phishing overlays on legitimate financial apps to ask for more information. Victims were requested to provide “Mother’s Maiden Name,” “Father’s Middle Name,” “Maternal Grandmothers Name,” or a “Memorable Word.” Attackers used that data to respond to security questions and obtain […]
GozNym botnet included over 23,000 infected victims. The Cisco Talos team has announced today that they’ve successfully managed to sinkhole one of GozNym’s botnets and are in the process of doing the same to three others. Researchers say they were able to divert traffic from the GozNym botnet after they managed to crack the domain […]