HackDig : Dig high-quality web security articles for hackers

Shining a light on “Silent Night” Zloader/Zbot

When it comes to banking Trojans, ZeuS is probably the most famous one ever released. Since its source code originally leaked in 2011, several new variants proliferated online. That includes a past fork called Terdot Zbot/Zloader, which we extensively covered in 2017. But recently, we observed another bot, with a design reminiscent of ZeuS, that seems to
Publish At:2020-05-24 07:20 | Read:77 | Comments:0 | Tags:Malware Threat analysis banking Trojan banking Trojans HYAS

TrickBot Campaigns Targeting Users via Department of Labor FMLA Spam

IBM X-Force monitors billions of spam emails a year, mapping trending, malicious campaigns and their origins. Recent analysis from our spam traps uncovered a new Trickbot campaign that currently targets email recipients with fake messages purporting to come from the U.S. Department of Labor (DoL). The spam leverages the Family and Medical Leave Act (FMLA), w
Publish At:2020-05-03 08:13 | Read:319 | Comments:0 | Tags:Malware Threat Intelligence Banking Trojan Cybercrime Fraud

New Android Banking Trojan Targets Spanish, Portuguese Speaking Users

IBM X-Force research recently analyzed a new Android banking Trojan that appears to be targeting users in countries that speak Spanish or Portuguese, namely Spain, Portugal, Brazil and other parts of Latin America. This Trojan, which was created atop an existing, simpler SMSstealer.BR, was supplemented with more elaborate overlay capabilities. That portion o
Publish At:2020-04-21 06:45 | Read:446 | Comments:0 | Tags:Malware Mobile Security Android Android Malware Banking Malw

Grandoreiro Malware Now Targeting Banks in Spain

During the past few months, IBM X-Force researchers have noticed a familiar malware threat that typically affects bank customers in Brazil has spread to attack banks in Spain. The rise in campaigns prompted us to look into it further. Grandoreiro, a remote-overlay banking Trojan, has migrated to Spain without significant modification, proving that attackers
Publish At:2020-04-13 10:30 | Read:350 | Comments:0 | Tags:Malware Threat Research Banking Banking Malware Banking Troj

ITG08 (aka FIN6) Partners With TrickBot Gang, Uses Anchor Framework

The past two years have borne witness to the increasing collaboration between organized cybercrime groups to avoid duplication of efforts and maximize profits. Although this collaboration has primarily occurred between gangs developing and distributing well-known banking Trojans, such as Emotet, TrickBot and IcedID, it does not stop there. In a new and dange
Publish At:2020-04-07 08:25 | Read:446 | Comments:0 | Tags:Advanced Threats Threat Intelligence Banking Trojan Collabor

Breaking the Ice: A Deep Dive Into the IcedID Banking Trojan’s New Major Version Release

The IcedID banking Trojan was discovered by IBM X-Force researchers in 2017. At that time, it targeted banks, payment card providers, mobile services providers, payroll, webmail and e-commerce sites, mainly in the U.S. IcedID has since continued to evolve, and while one of its more recent versions became active in late-2019, X-Force researchers have identifi
Publish At:2020-04-01 07:12 | Read:415 | Comments:0 | Tags:Fraud Protection Malware Threat Research Banking Malware Ban

Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy

The recent months have created a new reality in the world as the novel Coronavirus pandemic spread from country to country raising concerns among people everywhere. With spammers and malware distributors already being accustomed to riding trending news, the COVID-19 theme has been exploited thoroughly by a large variety of spam and malspam campaigns. It appe
Publish At:2020-03-30 02:05 | Read:364 | Comments:0 | Tags:Malware Threat Intelligence Banking Malware Banking Trojan C

Fake Coronavirus Finder spread Ginp Mobile Banker

Security experts have spotted a new COVID-themed campaign aimed at distributing the Ginp Mobile Banker with “Coronavirus Finder” lure. With the COVID19 outbreak, the number of Coronavirus-themed attacks is rapidly increasing. Kaspersky Lab experts have uncovered a malicious campaign that is spreading the Android banking trojan Ginp masquerade
Publish At:2020-03-25 12:17 | Read:544 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile banking trojan coro

TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany

IBM X-Force researchers recently analyzed an Android malware app that’s likely being pushed to infected users by the TrickBot Trojan. This app, dubbed “TrickMo” by our team, is designed to bypass strong authentication methods that bank customers use when they need to authorize a transaction. Though it’s not the first of its kind, this
Publish At:2020-03-24 07:55 | Read:353 | Comments:0 | Tags:Advanced Threats Risk Management Threat Intelligence Android

Experts found a new TrickBot module (rdpScanDll) built for RDP bruteforcing operations

A new variant of the TrickBot malware is targeting telecommunications organizations in the United States and Hong Kong. Security experts from Bitdefender recently discovered a new TrickBot variant that is targeting telecommunications organizations in the United States and Hong Kong. TrickBot is a popular banking Trojan that has been around since Octob
Publish At:2020-03-19 19:44 | Read:344 | Comments:0 | Tags:Breaking News Hacking Malware banking trojan hacking news in

Operation Overtrap Targets Japanese Online Banking Users Via Bottle Exploit Kit and Brand-New Cinobi Banking Trojan

By Jaromir Horejsi and Joseph C. Chen (Threat Researchers) We recently discovered a new campaign that we dubbed “Operation Overtrap” for the numerous ways it can infect or trap victims with its payload. The campaign mainly targets online users of various Japanese banks by stealing their banking credentials using a three-pronged attack. Based on our telemetry
Publish At:2020-03-11 10:23 | Read:297 | Comments:0 | Tags:Malware banking malware banking Trojan Bottle exploit kit Bo

Banking Trojans and Ransomware — A Treacherous Matrimony Bound to Get Worse

The financial malware arena became a mainstream issue a little over a decade ago with the rise of malware like the Zeus Trojan, which at the time was the first commercial banking Trojan available to the cybercrime world. We have come a long way since, and the past decade saw banking Trojans become increasingly sophisticated, specialized and exclusive, operat
Publish At:2020-02-18 09:32 | Read:393 | Comments:0 | Tags:Malware Threat Intelligence Banking Trojan Botnets Cybercrim

Sextortion Scams Delivered by Emotet Net 10 Times More Than Necurs Sextortion — Here’s Why

Recent spam campaigns from Emotet featured sextortion content very similar to emails previously sent by the Necurs botnet. However, Emotet spam ended up netting 10 times the amount that a comparable Necurs campaign did — within a matter of six hours. Why was Emotet so much more successful with the same type of ploy? Two factors played into this. First, Emote
Publish At:2020-02-15 17:18 | Read:416 | Comments:0 | Tags:Malware Threat Intelligence Banking Trojan Bitcoin Botnet Cy

Emotet Activity Rises as It Uses Coronavirus Scare to Infect Targets in Japan

IBM X-Force has identified a spam campaign targeting users in Japan that employs the Coronavirus scare as a lure to encourage people to open malicious emails. The messages contain Microsoft Office files loaded with macros that, when enabled, launch an infection routine that delivers the Emotet Trojan. In general, Emotet is very focused on infecting companies
Publish At:2020-02-09 10:30 | Read:528 | Comments:0 | Tags:Malware Threat Intelligence Banking Trojan Cybercrime Cyberc

7 types of virus – a short glossary of contemporary cyberbadness

by Paul Ducklin. OK, technically, this article is about malware in general, not about viruses in particular. Strictly speaking, virus refers to a type of malware that spreads by itself, so that once it’s in your system, you may end up with hundreds or even thousands of infected files… …on every computer in your network, and in the networks your
Publish At:2019-12-28 17:35 | Read:736 | Comments:0 | Tags:Malware Banking Trojan Data Stealer keylogger malware RAM sc
