Security Affairs

FEBRUARY 4, 2025

Coyote Banking Trojan targets Brazilian users, stealing data from over 70 financial applications and websites. FortiGuard Labs researchers detected a campaign using LNK files executing PowerShell commands to deploy the Coyote Banking Trojan. Then the malware starts monitoring the active window.

Banking 119

Banking Malware Antivirus Cyber threats 119

Krebs on Security

AUGUST 5, 2019

If you bank online and choose weak or re-used passwords, there’s a decent chance your account could be pilfered by cyberthieves — even if your bank offers multi-factor authentication as part of its login process. Crooks are constantly probing bank Web sites for customer accounts protected by weak or recycled passwords.

Banking 279

Banking Passwords Risk Accountability 279

Krebs on Security

NOVEMBER 9, 2024

One English-speaking cybercriminal who goes by the nicknames “ Pwnstar ” and “ Pwnipotent ” has been selling fake EDR services on both Russian-language and English cybercrime forums. “Unfortunately, a lot of this is phishing or malware campaigns,” Donahue said. dot-gov emails get hacked.

Hacking 293

Hacking Accountability Government Social Engineering 293

Krebs on Security

MAY 16, 2019

Law enforcement agencies in the United States and Europe today unsealed charges against 11 alleged members of the GozNym malware network, an international cybercriminal syndicate suspected of stealing $100 million from more than 41,000 victims with the help of a stealthy banking trojan by the same name. Source: DOJ. Vladimir Gorin , a.k.a

Cybercrime 231

Cybercrime Banking Small Business Computers and Electronics 231

Security Affairs

MARCH 31, 2025

Morphing Meerkat phishing kits exploit DNS MX records to deliver spoofed login pages, targeting over 100 brands. Threat actors are exploiting DNS techniques to enhance phishing attacks, using MX records to dynamically serve spoofed login pages. “We discovered cyber campaigns that used the phishing kits as early as January 2020.

DNS 86

DNS Phishing Banking Passwords 86

Security Affairs

MARCH 28, 2025

Grandoreiro Banking Trojan resurfaces, targeting users in Latin America and Europe in new phishing campaigns. Forcepoint X-Labs researchers warn of new phishing campaigns targeting Latin America and Europe in new phishing campaigns. Attackers also employ encrypted or password-protected files to evade security detection.

Banking 89

Banking Phishing Malware Passwords 89

Krebs on Security

NOVEMBER 16, 2022

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. Bank customers. Bank customers.

Malware 336

Malware Banking Phishing DDOS 336

SecureWorld News

MAY 14, 2025

The FBI's Internet Crime Complaint Center (IC3) has released its 2024 Internet Crime Report, marking a record-breaking year in cybercrime. domestic bank to finalize the closing. Upon notification, the Recovery Asset Team immediately initiated the process to freeze the fraudulent recipient bank account. billion in losses.

Cybercrime 72

Cybercrime Scams Internet Internet 72

Krebs on Security

AUGUST 17, 2018

12, KrebsOnSecurity carried an exclusive : The FBI was warning banks about an imminent “ATM cashout” scheme about to unfold across the globe, thanks to a data breach at an unknown financial institution. The Blacksburg bank is now suing its insurance provider for refusing to fully cover the loss. On Sunday, Aug.

Banking 211

Banking Accountability Data breaches Malware 211

Security Affairs

DECEMBER 12, 2021

Cofense researchers discovered a new phishing campaign using QR codes targeting German e-banking users in the last weeks. Threat actors continue to use multiple techniques to avoid detection and trick recipients into opening phishing messages, including the use of QR codes. “The phish sites are fairly similar.

Banking 145

Banking Phishing Social Engineering Engineering 145

Security Affairs

MAY 1, 2025

The FBI shared 42K phishing domains tied to LabHost, a PhaaS platform shut down in April 2024, to boost awareness and help identify compromises. The domain list helps prevent future malicious use, allows security teams to scan past logs for breaches, and supports phishing analysis and model training.

Phishing 75

Phishing Banking Threat Detection Authentication 75

Security Affairs

MAY 13, 2025

He is internationally wanted for multiple cybercrime, including ransomware attacks, blackmail, and money laundering, targeting Dutch companies. “He is wanted internationally for committing several cybercrimes (ransomware attacks, blackmail, and money laundering) against companies based in the Netherlands.” million euros.”

Ransomware 108

Ransomware Cybercrime Malware Banking 108

Security Affairs

JUNE 4, 2024

Resecurity uncovered a cybercriminal group that is providing a sophisticated phishing kit, named V3B, to target banking customers in the EU. “Currently, it is estimated that hundreds of cybercriminals are using this kit to commit fraud, leaving victims with empty bank accounts. .

Banking 130

Banking Phishing Social Engineering Engineering 130

Krebs on Security

JULY 24, 2018

Hackers used phishing emails to break into a Virginia bank in two separate cyber intrusions over an eight-month period, making off with more than $2.4 That second computer had the ability to manage National Bank customer accounts and their use of ATMs and bank cards. million total.

Banking 197

Banking Insurance Computers and Electronics Cyber Insurance 197

Krebs on Security

FEBRUARY 17, 2021

billion from banks and other victims worldwide. Confirmed thefts attributed to the group include the 2016 hacking of the SWIFT payment system for Bangladesh Bank, which netted thieves $81 million; $6.1 Investigators with the DOJ, U.S. Investigators with the DOJ, U.S.

Cryptocurrency 343

Cryptocurrency Financial Services Banking Government 343

Krebs on Security

NOVEMBER 22, 2021

“According to this actor, he had originally intended to send his targets—all senior-level executives—phishing emails to compromise their accounts, but after that was unsuccessful, he pivoted to this ransomware pretext,” Abnormal’s Crane Hassold wrote. Krebson is a clout-chasing monger.

Scams 329

Scams Cybercrime Banking Identity Theft 329

Bleeping Computer

FEBRUARY 27, 2024

The Phishing as a Service (PhaaS) platform 'LabHost' has been helping cybercriminals target North American banks, particularly financial institutes in Canada, causing a notable increase in activity. [.]

Banking 90

Banking Phishing Cybercrime 90

Security Affairs

MAY 28, 2025

DomainTools noted that the fake Bitdefender site also overlaps in timing and infrastructure with other phishing domains impersonating banks and IT services, including sites used to steal logins for Microsoft and the Royal Bank of Canada. 160 on port 4449. ” concludes the report that also provides Indicators of compromise.

Antivirus 120

Antivirus Malware Banking Passwords 120

Krebs on Security

SEPTEMBER 29, 2021

In February, KrebsOnSecurity wrote about a novel cybercrime service that helped attackers intercept the one-time passwords (OTPs) that many websites require as a second authentication factor in addition to passwords. Don’t put them on hold while you call your bank; the scammers can get around that, too. Just hang up.

Passwords 343

Passwords Mobile Authentication Banking 343

Security Affairs

NOVEMBER 7, 2022

The phishing-as-a-service (PhaaS) platform Robin Banks migrated its infrastructure to DDoS-Guard, a Russian bulletproof hosting service. This feature is offered for $1,500 per month, while Robin Bank’s full access is offered for $200 per month. ” reads a report published by security firm IronNet.

Banking 100

Banking Phishing DDOS Authentication 100

Security Boulevard

MAY 23, 2021

As Cybercrime against the Financial Sector Jumps by 238%, What Can Banks Do to Address the Risk? The rise of cybercrime in 2020 was widely reported, but did you realize how much of the threat was targeted at the financial sector? The post 5 Growing Trends to Watch in Banking Cybersecurity appeared first on CybeReady.

Banking 133

Banking Cybersecurity Cybercrime Risk 133

Security Affairs

FEBRUARY 3, 2025

Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency. The gang targets high-value victims, also called “mammoths,” for digital asset theft, including cryptocurrencies, payment cards, online banking accounts, and non-fungible tokens (NFTs).

Scams 85

Scams Media Cryptocurrency Cybercrime 85

Security Affairs

JULY 19, 2020

The Tetrade term coined by Kaspersky experts to refer four large banking trojan families developed and spread by Brazilian crooks worldwide. The Brazilian cybercrime underground is recognized as the most focuses on the development and commercialization of banking trojans. File types vary from Visual Basic Script to LNK.”

Banking 139

Banking Malware Phishing Advertising 139

Security Affairs

FEBRUARY 16, 2021

Researchers from threat intelligence Cyble have discovered threat actors abusing the Ngrok platform in a fresh phishing campaign. Researchers at the threat intelligence firm Cyble discovered a new wave of phishing attacks targeting multiple organizations that are abusing the ngrok platform, a secure and introspectable tunnel to the localhost.

Phishing 142

Phishing Cybercrime Mobile Internet 142

Security Affairs

NOVEMBER 10, 2024

CISA adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog DPRK-linked BlueNoroff used macOS malware with novel persistence Canada ordered ByteDance to shut down TikTok operations in the country over security concerns Critical bug in Cisco UWRB access points allows attackers to run commands (..)

Ransomware 117

Ransomware Cybercrime Phishing Banking 117

The Hacker News

APRIL 18, 2024

As many as 37 individuals have been arrested as part of an international crackdown on a cybercrime service called LabHost that has been used by criminal actors to steal personal credentials from victims around the world.

Phishing 133

Phishing Cybercrime Banking 133

Security Affairs

APRIL 11, 2020

Monte dei Paschi, one of the biggest Italian banks, suffered a cyber attack, hackers accessed the mailboxes of some employees and sent emails to clients. Italian state-owned bank Monte dei Paschi discloses a security breach, hackers have accessed the mailboxes of some employees and sent emails to clients. Pierluigi Paganini.

Banking 145

Banking Cyber Attacks Advertising Cybercrime 145

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 110

Cryptocurrency Hacking Phishing Cyber Attacks 110

SecureList

MARCH 25, 2025

Note that for mobile banking malware, we retrospectively revised the 2023 numbers to provide more accurate statistics. We also changed the methodology for PC banking malware by removing obsolete families that no longer use Trojan banker functionality, hence the sharp drop in numbers against 2023. million detections compared to 5.84

Phishing 81

Phishing Banking Scams Mobile 81

SecureWorld News

MARCH 20, 2025

March Madness is here, and while fans are busy filling out brackets and making last-minute bets, cybercriminals are running their own full-court presstargeting unsuspecting fans with phishing scams, fake betting apps, and credential-harvesting schemes. This scenario follows the common phishing tactics: strike at personal interest.

Scams 83

Scams Social Engineering Mobile Phishing 83

Security Affairs

MAY 27, 2022

A new version of the ERMAC Android banking trojan is able to target an increased number of apps. The ERMAC Android banking trojan version 2.0 ERMAC was first spotted by researchers from Threatfabric in July 2021, it is based on the popular banking trojan Cerberus. while the list of commands supported by ERMAC 2.0

Banking 145

Banking Malware Cybercrime Phishing 145

Security Affairs

AUGUST 23, 2024

Cybercriminals use progressive web applications (PWA) to impersonate banking apps and steal credentials from mobile users. ESET researchers detailed a phishing campaign against mobile users that uses Progressive Web Applications (PWAs). On Android, these phishing WebAPKs even appear to have been installed from the Google Play store.”

Phishing 133

Phishing Mobile Banking Social Engineering 133

The Last Watchdog

MARCH 19, 2025

Attackers now have access to extensive identity data from multiple sourcesincluding data breaches, infostealer malware infections, phishing campaigns, and combolistsposing a challenge for organizations whose security measures have not yet adapted to address the full scope of interconnected identity exposures holistically.

Cyber Risk 113

Cyber Risk Risk Phishing Cybercrime 113

Security Affairs

MAY 19, 2024

A new Grandoreiro banking trojan campaign has been ongoing since March 2024, following the disruption by law enforcement in January. IBM X-Force warns of a new Grandoreiro banking trojan campaign that has been ongoing since March 2024. The banking Trojan is likely operated as a Malware-as-a-Service (MaaS).

Banking 134

Banking Malware Antivirus Accountability 134

Krebs on Security

AUGUST 12, 2018

The FBI said unlimited operations compromise a financial institution or payment card processor with malware to access bank customer card information and exploit network access, enabling large scale theft of funds from ATMs. million from accounts at the National Bank of Blacksburg in two separate ATM cashouts between May 2016 and January 2017.

Banking 227

Banking Accountability Retail Phishing 227

Penetration Testing

DECEMBER 1, 2023

Cybercrime in Iran continues to escalate, posing a significant threat to the financial security of local citizens.

Banking 83

Banking Phishing Penetration Testing Cybercrime 83

Krebs on Security

AUGUST 19, 2020

The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers’ networks. The employee phishing page bofaticket[.]com. Image: urlscan.io.

Phishing 363

Phishing VPN Social Engineering Media 363