HackDig : Dig high-quality web security articles for hacker

Breaking the Ice: A Deep Dive Into the IcedID Banking Trojan’s New Major Version Release

The IcedID banking Trojan was discovered by IBM X-Force researchers in 2017. At that time, it targeted banks, payment card providers, mobile services providers, payroll, webmail and e-commerce sites, mainly in the U.S. IcedID has since continued to evolve, and while one of its more recent versions became active in late-2019, X-Force researchers have identifi
Publish At:2020-04-01 07:12 | Read:161 | Comments:0 | Tags:Fraud Protection Malware Threat Research Banking Malware Ban

Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy

The recent months have created a new reality in the world as the novel Coronavirus pandemic spread from country to country raising concerns among people everywhere. With spammers and malware distributors already being accustomed to riding trending news, the COVID-19 theme has been exploited thoroughly by a large variety of spam and malspam campaigns. It appe
Publish At:2020-03-30 02:05 | Read:174 | Comments:0 | Tags:Malware Threat Intelligence Banking Malware Banking Trojan C

TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany

IBM X-Force researchers recently analyzed an Android malware app that’s likely being pushed to infected users by the TrickBot Trojan. This app, dubbed “TrickMo” by our team, is designed to bypass strong authentication methods that bank customers use when they need to authorize a transaction. Though it’s not the first of its kind, this
Publish At:2020-03-24 07:55 | Read:209 | Comments:0 | Tags:Advanced Threats Risk Management Threat Intelligence Android

Operation Overtrap Targets Japanese Online Banking Users Via Bottle Exploit Kit and Brand-New Cinobi Banking Trojan

By Jaromir Horejsi and Joseph C. Chen (Threat Researchers) We recently discovered a new campaign that we dubbed “Operation Overtrap” for the numerous ways it can infect or trap victims with its payload. The campaign mainly targets online users of various Japanese banks by stealing their banking credentials using a three-pronged attack. Based on our telemetry
Publish At:2020-03-11 10:23 | Read:159 | Comments:0 | Tags:Malware banking malware banking Trojan Bottle exploit kit Bo

CamuBot Resurfaces With Cross-Channel, Targeted Attacks in Brazil

The malware discussed in this blog saw input from X-Force researchers Andre Piva and Ofir Ozer. It was initially described in a blog post by X-Force’s Maor Wiesen and Limor Kessem. The IBM Trusteer cybercrime research labs specialize in the detection and counteraction of the crimeware and attacks operated by organized cybercrime gangs. In one of our re
Publish At:2020-02-09 10:30 | Read:246 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Bankin

Ursnif Campaign Waves Breaking on Japanese Shores

According to IBM X-Force data on the activity of financial malware operated by organized cybercrime groups, the Ursnif (aka Gozi) banking Trojan was the most active malware code in the financial sector in 2016 and has maintained its dominance through 2017 to date. Ursnif’s activity is marked by both frequent code modifications and campaign activity in
Publish At:2017-10-26 19:35 | Read:4725 | Comments:0 | Tags:Banking & Financial Services Malware Threat Intelligence Ban

Brazilian Malware Client Maximus: Maximizing the Mayhem

In January 2017, IBM X-Force research reported the development of a new remote-access malware code targeting Brazilian banks. The malware, dubbed Client Maximus, was observed in ongoing campaigns and continues to target online banking users in the country. The development of Client Maximus, which is believed to be commercially available in Brazilian fraud an
Publish At:2017-09-12 13:50 | Read:3636 | Comments:0 | Tags:Fraud Protection Malware Threat Intelligence Advanced Threat

Faketoken evolves and targets taxi booking apps to steal banking info

Kaspersky discovered a news strain of the mobile banking Trojan Faketoken that displays overlays on top of taxi booking apps to steal banking information. Security experts from Kaspersky have discovered a news strain of the infamous mobile banking trojan Faketoken that implements capabilities to detect and record an infected device’s calls and display
Publish At:2017-08-18 14:30 | Read:3713 | Comments:0 | Tags:Breaking News Malware Mobile Android Banking Malware Faketok

Where Are They Today? Cybercrime Trojans That No One Misses: Shifu Malware

This is the first installment in an ongoing series about banking malware that faded away in 2017. Cybercrime is a very dynamic threat landscape. With over 100 million malware strains tracked by AV-TEST in 2016, malware can be a dime a dozen. When it comes to the more organized cybercrime groups and sophisticated banking Trojan projects, malware families are
Publish At:2017-08-08 16:20 | Read:3896 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

After Big Takedown Efforts, 20 More BankBot Mobile Malware Apps Make It Into Google Play

A flashlight app, fake videos or a fake gaming app? Any one of those could be malicious and harboring a mobile malware app, right there in a trusted official app store. In an ongoing trend, IBM X-Force noted that malicious apps manage to circumvent controls and infiltrate legitimate stores. And this is not about the plethora of adware apps infecting users in
Publish At:2017-07-28 03:30 | Read:5025 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Mobile

Pinkslipbot banking Trojan exploiting infected machines as control servers

Pinkslipbot banking Trojan is a banking Trojan that uses a complicated multistage proxy for HTTPS-based control server communication. Security researchers at McAfee Labs have spotted a new strain of the Pinkslipbot banking malware (also known as QakBot/QBot) that leverages UPnP to open ports, allowing incoming connections from anyone on the Internet to commu
Publish At:2017-06-19 11:00 | Read:4670 | Comments:0 | Tags:Breaking News Cyber Crime Malware Banking Malware botnet Cyb

QakBot Banking Trojan Causes Massive Active Directory Lockouts

IBM X-Force Research recently observed a wave of malware-induced Active Directory (AD) lockouts across several incident response engagements. The lockouts caused hundreds to thousands of AD users to get locked out of their company’s domain in rapid succession, leaving employees of the impacted organizations unable to access their endpoints, company ser
Publish At:2017-06-03 00:15 | Read:7549 | Comments:0 | Tags:Advanced Threats Incident Response Threat Intelligence Banki

TrickBot Is Hand-Picking Private Banks for Targets — With Redirection Attacks in Tow!

IBM X-Force research follows organized cybercrime and continually monitors the criminals’ targets and modus operandi. In a recent analysis of TrickBot campaigns in the U.K., Australia and Germany, I found that the operators of the infamous Trojan have been adding new redirection attacks focused on a list of brands that I had never seen in the past. Cur
Publish At:2017-04-27 19:35 | Read:4795 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

Avalanche: Thwarting Cybercriminal Hazards with Law Enforcement Collaboration

On November 30th, an international law enforcement operation stamped out Avalanche, a large-scale content and management platform designed for the delivery of bullet-proof botnets. Avalanche’s scale and scope spanned victims from 180 countries, over 800,000 domains in 60+ top-level domains (TLD), more than one million phishing and spam e-mails, 500,000 infec
Publish At:2016-12-07 22:10 | Read:5453 | Comments:0 | Tags:Botnets Malware Avalanche banking malware botnet law enforce

Brazilian underground is the first in spreading cross-platform malware

Coder in the Brazilian Cyber Criminal underground are Pioneering Cross-platform malware relying on Java archive (JAR) Files. Recently security experts at PaloAlto Networks uncovered a new family of ransomware dubbed KeRanger that targets Mac OS X users, a circumstance that demonstrates that every OS is potentially at risk. Now researchers at Kaspersky Lab ha
Publish At:2016-03-09 11:05 | Read:3876 | Comments:0 | Tags:Breaking News Malware Banking Malware Brazil cross-platform

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud