Browsing tag

banking malware

INTERPOL Arrests 31 in Global Operation, Identifies 1,900+ Ransomware-Linked IPs

An INTERPOL-led collaborative operation targeting phishing, banking malware, and ransomware attacks has led to the identification of 1,300 suspicious IP addresses and URLs. The law enforcement effort, codenamed Synergia, took place between September and November 2023 in an attempt to blunt the “growth, escalation and professionalization of transnational cybercrime.” Involving 60 law enforcement agencies spanning […]

U.K. and U.S. Sanction 11 Russia-based TrickBot Cybercrime Gang Members

The U.K. and U.S. governments on Thursday sanctioned 11 individuals who are alleged to be part of the notorious Russia-based TrickBot cybercrime gang. “Russia has long been a safe haven for cybercriminals, including the TrickBot group,” the U.S. Treasury Department said, adding it has “ties to Russian intelligence services and has targeted the U.S. Government […]

New FiXS ATM Malware Targeting Mexican Banks

A new ATM malware strain dubbed FiXS has been observed targeting Mexican banks since the start of February 2023. “The ATM malware is hidden inside another not-malicious-looking program,” Latin American cybersecurity firm Metabase Q said in a report shared with The Hacker News. Besides requiring interaction via an external keyboard, the Windows-based ATM malware is […]

This Android File Manager App Infected Thousands of Devices with SharkBot Malware

The Android banking fraud malware known as SharkBot has reared its head once again on the official Google Play Store, posing as file managers to bypass the app marketplace’s restrictions. A majority of the users who downloaded the rogue apps are located in the U.K. and Italy, Romanian cybersecurity company Bitdefender said in an analysis […]

FBI-Wanted Leader of the Notorious Zeus Botnet Gang Arrested in Geneva

A Ukrainian national who has been wanted by the U.S. for over a decade has been arrested by Swiss authorities for his role in a notorious cybercriminal ring that stole millions of dollars from victims’ bank accounts using malware called Zeus. Vyacheslav Igorevich Penchukov, who went by online pseudonyms “tank” and “father,” is alleged to […]

New Grandoreiro Banking Malware Campaign Targeting Spanish Manufacturers

Organizations in the Spanish-speaking nations of Mexico and Spain are in the crosshairs of a new campaign designed to deliver the Grandoreiro banking trojan. “In this campaign, the threat actors impersonate government officials from the Attorney General’s Office of Mexico City and from the Public Ministry in the form of spear-phishing emails in order to […]

Over a Dozen Android Apps on Google Play Store Caught Dropping Banking Malware

A malicious campaign leveraged seemingly innocuous Android dropper apps on the Google Play Store to compromise users’ devices with banking malware. These 17 dropper apps, collectively dubbed DawDropper by Trend Micro, masqueraded as productivity and utility apps such as document scanners, QR code readers, VPN services, and call recorders, among others. All these apps in […]

Latest Mobile Malware Report Suggests On-Device Fraud is on the Rise

An analysis of the mobile threat landscape in 2022 shows that Spain and Turkey are the most targeted countries for malware campaigns, even as a mix of new and existing banking trojans are increasingly targeting Android devices to conduct on-device fraud (ODF). Other frequently targeted countries include Poland, Australia, the U.S., Germany, the U.K., Italy, […]

New Android Banking Trojan Spreading via Google Play Store Targets Europeans

A new Android banking trojan with over 50,000 installations has been observed distributed via the official Google Play Store with the goal of targeting 56 European banks and harvesting sensitive information from compromised devices. Dubbed Xenomorph by Dutch security firm ThreatFabric, the in-development malware is said to share overlaps with another banking trojan […]

New Zloader Banking Malware Campaign Exploiting Microsoft Signature Verification

An ongoing ZLoader malware campaign has been uncovered exploiting remote monitoring tools and a nine-year-old flaw concerning Microsoft’s digital signature verification to siphon user credentials and sensitive information. Israeli cybersecurity company Check Point Research, which has been tracking the sophisticated infection chain since November 2021, attributed it to a cybercriminal group dubbed MalSmoke, citing similarities […]

Researchers Warn Iranian Users of Widespread SMS Phishing Campaigns

Socially engineered SMS messages are being used to install malware on Android devices as part of a widespread phishing campaign that impersonates the Iranian government and social security services to make away with credit card details and steal funds from victims’ bank accounts. Unlike other variants of banking malware that bank on overlay attacks to […]

Attention! FluBot Android Banking Malware Spreads Quickly Across Europe

Attention, Android users! A banking malware capable of stealing sensitive information is “spreading rapidly” across Europe, with the U.S. likely to be the next target. According to a new analysis by Proofpoint, the threat actors behind FluBot (aka Cabassous) have branched out beyond Spain to target the U.K., Germany, Hungary, Italy, and Poland. The English-language […]

Russian Hacker Behind NeverQuest Banking Malware Gets 4 Years in U.S. Prison

A Russian hacker who created and used Neverquest banking malware to steal money from victims’ bank accounts has finally been sentenced to 4 years in prison by the United States District Court for the Southern District of New York. Stanislav Vitaliyevich Lisov, 34, was arrested by Spanish authorities at Barcelona–El Prat Airport in January 2017 […]

Android Banking Malware “Ginp” Steal Credit/Debit Card Info via Screen Overlay Attack To Empty Your Bank Money

Researchers uncovered a new form of sophisticated Android banking malware named “Ginp” that targets Android users via screen overlay attacks to steal banking credentials, SMS messages, and credit/debit card details in order to empty victims’ bank accounts. The Ginp malware was initially spotted at the end of Oct 2019; since then the malware has been continuously under development, and 5 […]

Gustuff Android Banking Malware Uses SMS Messages to Hack Users Device

Gustuff banking malware has returned with new features: the threat actors behind it changed the distribution hosts and disabled C2 infrastructure. The malware uses SMS messages for propagation. Gustuff is fully automated and is capable of stealing login credentials by abusing Accessibility Services on Android devices. Researchers observed that […]

Cerberus: A New Android ‘Banking Malware For Rent’ Emerges

After a few popular Android Trojans like Anubis, Red Alert 2.0, GM bot, and Exobot, quit their malware-as-a-service businesses, a new player has emerged on the Internet with similar capabilities to fill the gap, offering Android bot rental service to the masses. Dubbed “Cerberus,” the new remote access Trojan allows remote attackers to take total control over the infected […]

Financially Motivated Hackers Group “Cobalt” Now Attack Banks by Launching Weaponized Word Document

Security researchers uncovered a new attack targeting financial institutions such as banks in Kazakhstan; the attack is believed to have been initiated by the financially motivated cybercrime gang “Cobalt”. The Cobalt group has been actively targeting victims in various countries since at least 2016, and it particularly focuses on the bank’s network to compromise the internal components […]

After Hacking 250M Accounts, TrickBot Trojan Can Now ‘Disable’ Windows Defender

If you are someone who relies on “Windows Defender” on Windows 10 to protect your device from malware threats, you should know about the new version of TrickBot malware that attempts to disable the antivirus software altogether. TrickBot Trojan isn’t exactly new as it surfaces from time to time. The last we heard about TrickBot was […]

This Android Malware ‘Records’ Your Screen To ‘Steal’ Banking Details

Malware creators are evolving and coming up with new techniques to make it almost impossible for a normal user to spot them. A new banking trojan named BianLian, which was previously used as a dropper for spreading notorious banking malware like Anubis, is affecting Android users all over the world. Researchers from Fortinet […]

Law Enforcement Operation Dismantles GozNym Banking Malware

An international law enforcement operation has led to the dismantling of the global cybercrime network that used the GozNym banking malware to steal money from bank accounts across the world. TechCrunch reports, “Europol and the U.S. Justice Department, with help from six other countries, have disrupted and dismantled the GozNym malware, which they say […]