Security Affairs

MARCH 10, 2023

A new version of the Xenomorph Android malware includes a new automated transfer system framework and targets 400 banks. The author of the Xenomorph Android malware, the Hadoken Security Group, continues to improve their malicious code. ” reads the report published by Threat Fabric. ” continues the report.

Banking 98

Banking Malware Cryptocurrency Engineering 98

Malwarebytes

DECEMBER 21, 2022

Researchers at Cyble Research & Intelligence Labs (CRIL) have found a new version of the Android banking Trojan called Godfather. Anubis was a widely used Android banking Trojan that lost popularity after its functionality got limited by Android updates and security vendors’ detection and prevention efforts.

Banking 96

Banking Malware Mobile Financial Services 96

SecureList

FEBRUARY 8, 2024

The developers of banking Trojan malware are constantly looking for inventive ways to distribute theirs implants and infect victims. In a recent investigation, we encountered a new malware that specifically targets users of more than 60 banking institutions, mainly from Brazil.

Banking 109

Banking Encryption Malware Technology 109

Security Affairs

FEBRUARY 27, 2020

Experts found a new version of the Cerberus Android banking trojan that can steal one-time codes generated by the Google Authenticator app and bypass 2FA. The malware-as-a-service Cerberus has emerged in the threat landscape in August 2019 , it is an Android RAT developed from scratch that doesn’t borrow the code from other malware.

Banking 92

Banking Authentication Advertising Malware 92

Security Affairs

MAY 12, 2021

Malware researchers from Cleafy warn of a new Android banking trojan dubbed TeaBot (aka Anatsa) that is targeting banks in Europe. The researchers detected on 29th March 2021, for the first time the inclusion of injections against Italian banks, and in May the malware targeted Belgium and Netherlands banks.

Banking 104

Banking Malware Media Authentication 104

Security Affairs

APRIL 27, 2024

ThreatFabric researchers identified a new Android malware called Brokewell, which implements a wide range of device takeover capabilities. ThreatFabric researchers uncovered a new mobile malware named Brokewell, which is equipped with sophisticated device takeover features. The author frequently adds new commands.

Malware 105

Malware Spyware Authentication Mobile 105

Security Affairs

JUNE 18, 2022

Malibot is a new Android malware targeting online banking and cryptocurrency wallet customers in Spain and Italy. F5 Labs researchers spotted a new strain of Android malware, named Malibot, that is targeting online banking and cryptocurrency wallet customers in Spain and Italy. ” concludes the report.

Banking 112

Banking Cryptocurrency Malware Mobile 112

Security Affairs

JULY 4, 2023

A Mexican threat actor that goes online with the moniker Neo_Net is behind an Android malware campaign targeting banks worldwide. Neo_Net’s eCrime campaign was reportedly targeting clients of banks globally, with a focus on Spanish and Chilean banks, from June 2021 to April 2023. ” Thill explained.

Banking 78

Banking Phishing Social Engineering Authentication 78

Security Affairs

NOVEMBER 10, 2023

The Industrial and Commercial Bank of China (ICBC) suffered a ransomware attack that disrupted trades in the US Treasury market. The Industrial and Commercial Bank of China (ICBC) announced it has contained a ransomware attack that disrupted the U.S. ” reported the Financial Times. ” reported the Financial Times.

Banking 94

Banking Ransomware Marketing Financial Services 94

Approachable Cyber Threats

FEBRUARY 8, 2023

Banks are taking revolutionary approaches to digitize and streamline the customer experience - but these measures could come with a cost without strategic cybersecurity measures. The world is changing, and the banking industry is evolving too. The Industry Digital banking is transforming the way people access and manage their finances.

Banking 94

Banking Social Engineering Cyber threats Encryption 94

Security Affairs

MAY 17, 2021

Bizarro is a new sophisticated Brazilian banking trojan that is targeting customers of tens of banks in Europe and South America. Researchers from Kaspersky have spotted a new sophisticated Brazilian banking trojan dubbed Bizarro that is targeting customers of tens of 70 banks in Europe and South America.

Banking 98

Banking Social Engineering Malware Engineering 98

Troy Hunt

APRIL 26, 2021

Earlier this year, the FBI in partnership with the Dutch National High Technical Crimes Unit (NHTCU), German Federal Criminal Police Office (BKA) and other international law enforcement agencies brought down what Europol rereferred to as the world's most dangerous malware: Emotet. Turn on 2 factor authentication wherever available.

Malware 347

Malware Passwords Banking Password Management 347

Security Affairs

MARCH 23, 2023

Experts warn of an emerging Android banking trojan dubbed Nexus that was employed in attacks against 450 financial applications. Cybersecurity firm experts from Cleafy warn of an emerging Android banking trojan, named Nexus, that was employed by multiple groups in attacks against 450 financial applications.

Banking 77

Banking Cryptocurrency Malware Advertising 77

CyberSecurity Insiders

MARCH 3, 2022

Cybersecurity researchers from Proofpoint have found that cyber crooks are easily see foxing users of Multifactor Authentication (MFA) these days by buying phishing kits that have the ability to bypass MFA. After reading the article, you might get a feeling on how to proceed with Multi-factor Authentication and keep your online activity safe.

Authentication 102

Authentication Phishing Banking Technology 102

Malwarebytes

MARCH 15, 2022

Aberebot, a known Android banking Trojan, has changed its name and returned loaded with new features. I am an Android malware developer and I want to start renting my private Android banking bot here. The post Escobar is the new Android banking Trojan we’ve met before appeared first on Malwarebytes Labs.

Banking 113

Banking Malware Mobile Authentication 113

Schneier on Security

JUNE 20, 2018

Sounds like a really good idea, but Andreas Gutmann points out an application where this could become a vulnerability: when authenticating transactions: Transaction authentication, as opposed to user authentication, is used to attest the correctness of the intention of an action rather than just the identity of a user.

Authentication 142

Authentication Banking Social Engineering Mobile 142

Malwarebytes

FEBRUARY 6, 2024

Released today, the Malwarebytes State of Malware 2024 report takes a deep dive into the latest developments in the world of cybercrime. Malvertising If the last year has taught us something, it’s that scammers and malware peddlers can afford to buy sponsored search results and outbid the brand owner so that their links come out on top.

Malware 77

Malware Passwords Identity Theft Banking 77

SecureList

MAY 6, 2024

A significant share of scam, phishing and malware attacks is about money. Methodology In this report, we present an analysis of financial cyberthreats in 2023, focusing on banking Trojans and phishing pages that target online banking, shopping accounts, cryptocurrency wallets and other financial assets. million in 2022.

Phishing 100

Phishing Banking Mobile Scams 100

eSecurity Planet

OCTOBER 24, 2023

Malware attacks pose a significant risk to both individuals and businesses, infiltrating computer systems, compromising sensitive data and disrupting operations, leading to financial and data loss — and even extortion. Here are 15 important controls and best practices for preventing malware.

Malware 120

Malware Antivirus Software Passwords 120

Security Boulevard

JANUARY 26, 2023

Godfather malware includes banking trojans used by different threat actors to target Android mobile devices. 1) One primary design of Godfather malware is to harvest login credentials for various financial applications, including cryptocurrency wallets and exchanges. Initial variants were reported beginning of March 2021. (1)

Banking 84

Banking Malware Cryptocurrency Mobile 84

CyberSecurity Insiders

FEBRUARY 22, 2022

Trickbot Malware that started just as a banking malware has now emerged into a sophisticated data stealing tool capable of injecting malware like ransomware or serve as an Emotet downloader. The post Trickbot Malware hits 140,000 victims appeared first on Cybersecurity Insiders.

Malware 122

Malware Social Engineering Banking Phishing 122

Malwarebytes

NOVEMBER 16, 2021

Researchers have discovered and analyzed a new Android banking Trojan that allows attackers to steal sensitive banking information such as user credentials, personal information, current balance, and even to perform gestures on the infected device. ” Type and source of the infection. ” Type and source of the infection.

Banking 104

Banking Financial Services Encryption Malware 104

Fox IT

MAY 4, 2021

In this post we provide some history, analysis and observations on this most pernicious family of banking malware targeting Oceania, the UK, Germany and Italy. Despite its long and rich history in the cyber-criminal underworld, the Gozi malware family is surrounded with mystery and confusion. Introduction.

Banking 98

Banking Malware Encryption Architecture 98

SecureList

MAY 17, 2021

Bizarro is yet another banking Trojan family originating from Brazil that is now found in other regions of the world. Attempts have now been made to steal credentials from customers of 70 banks from different European and South American countries. The malware developers have used obfuscation to complicate code analysis.

Banking 142

Banking Social Engineering Malware Engineering 142

Security Affairs

NOVEMBER 7, 2022

The phishing-as-a-service (PhaaS) platform Robin Banks migrated its infrastructure to DDoS-Guard, a Russian bulletproof hosting service. This feature allows crooks to order this feature to bypass multi-factor authentication (MFA) in their campaigns. . ” reads a report published by security firm IronNet.

Banking 89

Banking Phishing DDOS Authentication 89

Security Affairs

SEPTEMBER 24, 2020

Security researchers spotted a new strain of Android malware, dubbed Alien, that implements multiple features allowing it to steal credentials from 226 apps. Alien first appeared in the threat landscape early this year, its model of sale is Malware-as-a-Service (MaaS) and is advertised on several underground hacking forums.

Banking 83

Banking Malware Advertising Architecture 83

Security Affairs

JULY 8, 2020

Experts found a tainted app in the Google Play store that was downloaded by more than 10,000 users and that was delivering the Cerberus banking Trojan. The malware-as-a-service Cerberus has emerged in the threat landscape in August 2019, it is an Android RAT developed from scratch that doesn’t borrow the code from other malware.

Banking 105

Banking Malware Authentication Advertising 105

Security Affairs

MARCH 7, 2022

SharkBot banking malware was able to evade Google Play Store security checks masqueraded as an antivirus app. SharkBot is a banking trojan that has been active since October 2021, it allows to steal banking account credentials and bypass multi-factor authentication mechanisms.

Banking 78

Banking Antivirus Mobile Malware 78

Heimadal Security

MARCH 7, 2022

SharkBot is a banking malware for Android devices that was discovered around the end of October 2021. One of the primary objectives of SharkBot is to start money transfers from hacked devices via the Automatic Transfer Systems (ATS) approach, which circumvents multi-factor authentication measures.

Antivirus 86

Antivirus Malware Authentication Banking 86

The Last Watchdog

JUNE 18, 2018

Bank patrons in their 20s and 30s, who grew up blanketed with digital screens, have little interest in visiting a brick-and-mortar branch, nor interacting with a flesh-and-blood teller. This truism is pushing banks into unchartered territory. So banks are all in. LaSalla: Back in the day it was hardware tokens for banks.

Banking 173

Banking Mobile Social Engineering Authentication 173

Bleeping Computer

MARCH 12, 2022

The Aberebot banking trojan appears to have returned, as its author is actively promoting a new version of the tool on dark web markets and forums. [.].

Authentication 98

Authentication Banking Malware Marketing 98

Security Affairs

MAY 26, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Fix it now!

Healthcare 97

Healthcare Spyware Data breaches Banking 97

Security Affairs

SEPTEMBER 12, 2021

A new banking trojan dubbed maxtrilha (due to its encryption key) has been discovered in the last few days and targeting customers of European and South American banks. The new maxtrilha trojan is being disseminated and targeting several banks around the world. Figure 1: High-level diagram of maxtrilha banking trojan.

Banking 120

Banking Malware Internet Internet 120

Malwarebytes

FEBRUARY 1, 2022

Cleafy, a cybersecurity firm specializing in online fraud, has published new details about banking Trojan BRATA (Brazilian Remote Access Tool, Android), a known malware strain that first became widespread in 2019. But how does such dangerous malware end up on victims’ devices? Out with the old. How BRATA is spread.

Malware 95

Malware Banking Mobile Social Engineering 95

Security Boulevard

MARCH 22, 2022

The dangerous Escobar malware’s key capabilities are being modified dynamically. It was originally an old banking trojan called Aberebot that has now been modified into the deadly Escobar malware that has been reported from over 119 countries so far. The post What could be next for the Escobar malware?

Malware 97

Malware Banking Authentication 97

Malwarebytes

OCTOBER 11, 2022

The American Bankers Association and other banks in the US are involved in an awareness campaign tied in with National Cybersecurity Awareness Month. It’s called “Banks never ask that," and this is a good place to focus a campaign given the number of times we do indeed say that “banks will never ask you this.”

Banking 84

Banking Security Awareness Phishing Scams 84

Security Affairs

DECEMBER 8, 2022

While investigating a new malware campaign targeting Android and Windows systems, researchers at Threat Fabric discovered a darknet service, dubbed Zombinder, used to embed malicious payloads in legitimate Android apps. Clicking on the “Download for Android” button leads to downloading the Ermac malware. Keylogging. Pierluigi Paganini.

Malware 97

Malware Banking Cryptocurrency Advertising 97