Security Affairs

SEPTEMBER 27, 2021

ERMAC is a new Android banking Trojan that can steal financial data from 378 banking and wallet apps. Researchers from Threatfabric found in July a new Android banking trojan dubbed ERMAC that is almost fully based on the popular banking trojan Cerberus. SecurityAffairs – hacking, banking trojan). 3k$ per month.

Banking 80

Banking Malware Mobile Encryption 80

Approachable Cyber Threats

FEBRUARY 8, 2023

Banks are taking revolutionary approaches to digitize and streamline the customer experience - but these measures could come with a cost without strategic cybersecurity measures. The world is changing, and the banking industry is evolving too. The Industry Digital banking is transforming the way people access and manage their finances.

Banking 94

Banking Social Engineering Cyber threats Encryption 94

Security Affairs

MAY 20, 2024

Researchers discovered a sophisticated cybercriminal campaign by Russian-speaking threat actors that used GitHub to distribute malware. The malware employed in the multi-faceted campaign shared the same C2 infrastructure, suggesting attackers coordinated efforts to maximize the impact of the attacks.

Malware 100

Malware Banking Software Advertising 100

Bleeping Computer

AUGUST 13, 2022

The SOVA Android banking trojan continues to evolve with new features, code improvements, and the addition of a new ransomware feature that encrypts files on mobile devices. [.].

Encryption 84

Encryption Ransomware Mobile Banking 84

SecureList

SEPTEMBER 28, 2023

Introduction As long as cybercriminals want to make money, they’ll keep making malware, and as long as they keep making malware, we’ll keep analyzing it, publishing reports and providing protection. They are now hex encoded and encrypted with an XOR key (first 4 bytes of the string).

Banking 99

Banking Malware Cybercrime Encryption 99

SecureList

MARCH 20, 2024

Introduction Malware for mobile devices is something we come across very often. million malware, adware, and riskware attacks on mobile devices. Last month, we wrote a total of four private crimeware reports on Android malware, three of which are summarized below. In 2023 , our technologies blocked 33.8

Malware 91

Malware Mobile Firmware Spyware 91

Security Boulevard

JULY 18, 2022

However, threat actors continue to evolve their tactics and are able to successfully upload dangerous apps laced with malware on the Google play store. Recently, the Zscaler ThreatLabz team discovered apps involving multiple instances of the Joker, Facestealer, and Coper malware families spreading in the virtual marketplace.

Banking 98

Banking Malware Encryption Architecture 98

Security Affairs

OCTOBER 1, 2021

Experts warn of a new Hydra banking trojan campaign targeting European e-banking platform users, including the customers of Commerzbank. . Experts warn of a malware campaign targeting European e-banking platform users with the Hydra banking trojan. ” states the analysis published by Cyble.

Banking 109

Banking Malware Encryption Hacking 109

Malwarebytes

NOVEMBER 16, 2021

Researchers have discovered and analyzed a new Android banking Trojan that allows attackers to steal sensitive banking information such as user credentials, personal information, current balance, and even to perform gestures on the infected device. Once installed, the malware downloads an additional module from the C2.

Banking 98

Banking Financial Services Encryption Malware 98

SecureWorld News

FEBRUARY 15, 2024

A sophisticated form of mobile malware dubbed "GoldPickaxe" has been uncovered, which collects facial recognition data to produce deepfake videos, enabling hackers to bypass biometric authentication protections on banking apps. The malware has been active since 2023, specifically targeting victims in Vietnam and Thailand.

Social Engineering 80

Social Engineering Mobile Authentication Engineering 80

The Hacker News

SEPTEMBER 19, 2021

A newly spotted banking trojan has been caught leveraging legitimate platforms like YouTube and Pastebin to store its encrypted, remote configuration and commandeer infected Windows systems, making it the latest to join the long list of malware targeting Latin America (LATAM) after Guildma, Javali, Melcoz, Grandoreiro, Mekotio, Casbaneiro, Amavaldo, (..)

Banking 108

Banking Encryption Malware 108

Security Affairs

SEPTEMBER 19, 2021

Numando, a new banking Trojan that abuses YouTube, Pastebin, and other public platforms as C2 infrastructure and to spread. ESET researchers spotted a new LATAM banking trojan, tracked as Numando, that abuses YouTube, Pastebin, and other public platforms as C2 infrastructure and to spread. ” reads the analysis published by ESET.

Banking 103

Banking Encryption Malware Hacking 103

Security Boulevard

DECEMBER 30, 2021

Picus Labs has updated the Picus Threat Library with new attack methods for Krachulka, Lokorrito, Zumanek Trojans that are targeting banks in Brazil, Mexico, and Spain. In this blog, techniques used by these malware families will be explored. Banking trojans have a significant role in the cybercrime scene in Latin America.

Banking 111

Banking Malware Spyware Phishing 111

Security Affairs

MARCH 23, 2023

Experts warn of an emerging Android banking trojan dubbed Nexus that was employed in attacks against 450 financial applications. Cybersecurity firm experts from Cleafy warn of an emerging Android banking trojan, named Nexus, that was employed by multiple groups in attacks against 450 financial applications.

Banking 79

Banking Cryptocurrency Malware Advertising 79

Malwarebytes

FEBRUARY 6, 2024

Released today, the Malwarebytes State of Malware 2024 report takes a deep dive into the latest developments in the world of cybercrime. We have seen news of ChatGPT leaking user’s information and law enforcement asking for backdoors in encryption routines. This is changing.

Malware 73

Malware Passwords Identity Theft Banking 73

Security Boulevard

JANUARY 26, 2023

Godfather malware includes banking trojans used by different threat actors to target Android mobile devices. 1) One primary design of Godfather malware is to harvest login credentials for various financial applications, including cryptocurrency wallets and exchanges. Initial variants were reported beginning of March 2021. (1)

Banking 84

Banking Malware Cryptocurrency Mobile 84

Security Affairs

SEPTEMBER 12, 2021

A new banking trojan dubbed maxtrilha (due to its encryption key) has been discovered in the last few days and targeting customers of European and South American banks. The new maxtrilha trojan is being disseminated and targeting several banks around the world. Figure 1: High-level diagram of maxtrilha banking trojan.

Banking 124

Banking Malware Internet Internet 124

Krebs on Security

AUGUST 17, 2018

12, KrebsOnSecurity carried an exclusive : The FBI was warning banks about an imminent “ATM cashout” scheme about to unfold across the globe, thanks to a data breach at an unknown financial institution. The Blacksburg bank is now suing its insurance provider for refusing to fully cover the loss. On Sunday, Aug.

Banking 187

Banking Accountability Data breaches Malware 187

SecureList

MAY 17, 2021

Bizarro is yet another banking Trojan family originating from Brazil that is now found in other regions of the world. Attempts have now been made to steal credentials from customers of 70 banks from different European and South American countries. The malware developers have used obfuscation to complicate code analysis.

Banking 142

Banking Social Engineering Malware Engineering 142

Security Affairs

OCTOBER 3, 2018

According to malware researchers from Proofpoint, DanaBot attackers launched a new campaign aimed at banks in the United States. A couple of weeks ago, security experts at ESET observed a surge in activity of DanaBot banking Trojan that was targeting Poland, Italy, Germany, Austria, and as of September 2018, Ukraine.

Banking 79

Banking Malware Ransomware Advertising 79

CyberSecurity Insiders

SEPTEMBER 19, 2022

Another threat that is giving jitters to Indian CERT is the entry of SOVA malware into the mobile cyber space of India. According to an update released in the last weekend, SOVA meaning Owl in Russia is being circulated online and on the play store in disguise of essential banking software.

Malware 106

Malware Computers and Electronics Banking Cyber threats 106

Security Affairs

JUNE 22, 2020

Experts spotted a new version of the IcedID banking trojan that uses steganography to infect victims as part of COVID-19 themed attacks. A new version of the IcedID banking trojan was employed in COVID-19 themed attacks , the new variant uses steganography to infect victims and implements anti-detection capabilities. dat” files. .

Banking 106

Banking Encryption Malware Wireless 106

Malwarebytes

JUNE 5, 2023

Ransomware is creating additional work for a major Spanish bank. The bank released a statement on June 2, which reads as follows: COMUNICADO OFICIAL En el día de ayer, registramos un ciberincidente, consistente en un ataque informático a algunos equipos locales a través de un virus tipo #ransomware. Detect intrusions.

Banking 75

Banking Ransomware Computers and Electronics Backups 75

Fox IT

MARCH 3, 2022

Authors: Alberto Segura, Malware analyst Rolf Govers, Malware analyst & Forensic IT Expert. NCC Group, as well as many other researchers noticed a rise in Android malware last year, especillay Android banking malware. One of these ‘newer’ families is an Android banking malware called SharkBot.

Banking 81

Banking Malware Encryption Antivirus 81

Security Affairs

SEPTEMBER 12, 2020

The Development Bank of Seychelles (DBS) was hit by a ransomware attack disclose the Central Bank of Seychelles (CBS). The Central Bank of Seychelles (CBS) disclosed via a press statement that the Development Bank of Seychelles (DBS) was hit by a ransomware attack. ” reads the statement.”The

Banking 121

Banking Ransomware Government Advertising 121

CyberSecurity Insiders

NOVEMBER 20, 2022

Thousands of financial transactions related to demat accounts were halted on Friday November 18th,2022 as the servers at the Central Depository Services (India) Limited went through a cyber attack of the malware genre. The post Malware attack on India CDSL halts financial transactions on Friday appeared first on Cybersecurity Insiders.

Malware 102

Malware Banking Cryptocurrency Cyber Attacks 102

CyberSecurity Insiders

NOVEMBER 29, 2021

IKEA, the furniture giant from Sweden, has disclosed that its servers were hit by a Qakbot malware that could have compromised its staff and partner accounts to a certain extent. QuakBot aka QuackBot malware is actually a malicious software that has the potential to steal banking credentials and is existing since the year 2007.

Malware 105

Malware Retail Banking Accountability 105

CyberSecurity Insiders

JULY 8, 2021

Trickbot banking malware is back in news for inducing a new ransomware variant into the wild. Researchers from Fortinet’s FortiGuard Labs has have found that the new malware strain is acting similar to that of Conti Ransomware with a change that it Asymmetric encryption algorithms unlike other file encrypting malware variants.

Malware 110

Malware Ransomware Encryption Healthcare 110

Security Affairs

SEPTEMBER 7, 2020

Chilean bank BancoEstado, one of the country’s biggest banks, was forced to shut down all branches following a ransomware attack. Chilean bank BancoEstado, one of the country’s biggest banks, was hit with a ransomware attack that forced its branches to remain closed since September 7. ” reported ZDNet.

Banking 111

Banking Ransomware Advertising VPN 111

Security Affairs

APRIL 5, 2019

A few days ago, the researchers of ZLab Yoroi-Cybaze dissected another attack wave of the infamous Ursnif malware, also known as Gozi ISFB , an offspring of the original Gozi which source code was leaked in 2014. Ursnif/Gozi is active from over a decade and was one of the most active malware listed in 2017 and 2018.

Banking 85

Banking Malware Cryptocurrency Advertising 85

Malwarebytes

APRIL 18, 2023

There’s a new ransomware gang in town, stitched together from members of well known threat creators to push a new kind of malware focused on punishing unwary organisations. The malware family, called “Domino”, is the brainchild of FIN7 and ex-Conti ransomware members.

Malware 80

Malware Banking Ransomware Passwords 80

Security Affairs

JUNE 5, 2021

Recently Cyber researchers for Cyble investigated an attack suffered by on May 30, 2021, by Nucleus Software, an India-based IT company in the Banking and Financial Services sector. The Ransomware perform file system enumeration while encrypting the victim files, then appends the extension “.BlackCocaine ” concludes the report.

Ransomware 123

Ransomware Malware Encryption Financial Services 123

SecureWorld News

AUGUST 8, 2022

Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains of 2021. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware.

Malware 89

Malware Banking Healthcare Penetration Testing 89

SecureList

MARCH 1, 2021

In 2020, Kaspersky mobile products and technologies detected: 5,683,694 malicious installation packages, 156,710 new mobile banking Trojans, 20,708 new mobile ransomware Trojans. The word “covid” in various combinations was typically used in the names of packages hiding spyware and banking Trojans, adware or Trojan droppers.

Mobile 138

Mobile Malware Adware Banking 138

Security Affairs

DECEMBER 18, 2023

Info stealers, the type of malware with its purpose in the name, can cripple businesses and everyday users alike. Info stealers, also known as information stealers, are a type of malicious software (malware) designed to covertly collect sensitive and personal information from a victim’s computer or network.

Banking 114

Banking Cybercrime Malware Accountability 114

Security Affairs

FEBRUARY 23, 2022

The code of the recently-emerged Entropy ransomware has similarities with the one of the infamous Dridex malware. The recently-emerged Entropy ransomware has code similarities with the popular Dridex malware. In a first stage it allocates the memory space where to copy the encrypted data and whose content is executed by the packer.

Ransomware 95

Ransomware Malware Cybercrime Banking 95

Security Affairs

NOVEMBER 24, 2018

According to security reearchers at Trend Micro, the North Korea-linked APT group Lazarus recently targeted banks in Latin America. The North Korea-linked APT group Lazarus recently targeted banks in Latin America, Trend Micro experts reported. n = number of characters in the loader dll’s filename. Pierluigi Paganini.

Banking 94

Banking Encryption Malware Advertising 94