HackDig : Dig high-quality web security articles for hackers

Jackpotting Reveals Openings in Proprietary Software

Jackpotting, an older ATM theft technique, could show security operations team members what to look out for when it comes to Internet of things (IoT) attacks in general, and even election machine vulnerabilities.  This technique first entered the U.S. cybersecurity lexicon in 2018, when Brian Krebs warned of attacks at American ATMs. Jackpotting, Krebs
Publish At:2020-09-14 10:37 | Read:119 | Comments:0 | Tags:Advanced Threats Fraud Protection Malware ATM ATM Malware Ba

Source code of Cerberus Android Trojan offered for sale for $100,000

The authors of the Android Cerberus banking trojan are auctioning the project for a price starting at $50,000, with $100K the deal could be immediately closed. The authors of the notorious Cerberus Android banking trojan are auctioning their project for a price starting at $50,000, but buyers could close the deal for $100,000. The overall project inclu
Publish At:2020-07-27 15:20 | Read:298 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Banking Malware Ce

BlackRock Android Banking Malware Targeting 337 Mobile Apps

Security researchers discovered a new Android banking malware family called “BlackRock” that targets 337 mobile applications.ThreatFabric found that BlackRock hid its icon when it first launched itself on a mobile device. It then posed as a Google update in an attempt to gain access to a user’s Accessibility Service. Once it received access
Publish At:2020-07-16 11:51 | Read:277 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Android

Ginp Malware Operations are on the Rise, Aiming to Expand in Turkey

The Ginp mobile banking malware, which emerged in late 2019, is one of the top most prevalent Android banking malware families today. It started as a simple short message server (SMS) stealer and rapidly evolved into one of the most advanced actors in the financial fraud landscape. Ginp has primarily targeted Spanish banks, but recent evidence suggests the m
Publish At:2020-06-18 12:15 | Read:284 | Comments:0 | Tags:Application Security Banking & Financial Services Data Prote

New Android Banking Trojan Targets Spanish, Portuguese Speaking Users

IBM X-Force research recently analyzed a new Android banking Trojan that appears to be targeting users in countries that speak Spanish or Portuguese, namely Spain, Portugal, Brazil and other parts of Latin America. This Trojan, which was created atop an existing, simpler SMSstealer.BR, was supplemented with more elaborate overlay capabilities. That portion o
Publish At:2020-04-21 06:45 | Read:923 | Comments:0 | Tags:Malware Mobile Security Android Android Malware Banking Malw

A Brand New Ursnif/ISFB Campaign Targets Italian Organizations

Cybaze-Yoroy ZLab researchers spotted a new variant of Ursnif that is targeting organizations in Italy. Introduction Ursnif is one of the most and widespread threats, it is delivered through malspam campaigns aimed at multiple industries across Italy and Europe.   Recently, we have identified a new variant that is targeting Italian organiz
Publish At:2020-04-17 21:53 | Read:610 | Comments:0 | Tags:Breaking News Cyber Crime Malware Banking Malware Hacking ha

Grandoreiro Malware Now Targeting Banks in Spain

During the past few months, IBM X-Force researchers have noticed a familiar malware threat that typically affects bank customers in Brazil has spread to attack banks in Spain. The rise in campaigns prompted us to look into it further. Grandoreiro, a remote-overlay banking Trojan, has migrated to Spain without significant modification, proving that attackers
Publish At:2020-04-13 10:30 | Read:668 | Comments:0 | Tags:Malware Threat Research Banking Banking Malware Banking Troj

Breaking the Ice: A Deep Dive Into the IcedID Banking Trojan’s New Major Version Release

The IcedID banking Trojan was discovered by IBM X-Force researchers in 2017. At that time, it targeted banks, payment card providers, mobile services providers, payroll, webmail and e-commerce sites, mainly in the U.S. IcedID has since continued to evolve, and while one of its more recent versions became active in late-2019, X-Force researchers have identifi
Publish At:2020-04-01 07:12 | Read:710 | Comments:0 | Tags:Fraud Protection Malware Threat Research Banking Malware Ban

Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy

The recent months have created a new reality in the world as the novel Coronavirus pandemic spread from country to country raising concerns among people everywhere. With spammers and malware distributors already being accustomed to riding trending news, the COVID-19 theme has been exploited thoroughly by a large variety of spam and malspam campaigns. It appe
Publish At:2020-03-30 02:05 | Read:831 | Comments:0 | Tags:Malware Threat Intelligence Banking Malware Banking Trojan C

TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany

IBM X-Force researchers recently analyzed an Android malware app that’s likely being pushed to infected users by the TrickBot Trojan. This app, dubbed “TrickMo” by our team, is designed to bypass strong authentication methods that bank customers use when they need to authorize a transaction. Though it’s not the first of its kind, this
Publish At:2020-03-24 07:55 | Read:704 | Comments:0 | Tags:Advanced Threats Risk Management Threat Intelligence Android

Operation Overtrap Targets Japanese Online Banking Users Via Bottle Exploit Kit and Brand-New Cinobi Banking Trojan

By Jaromir Horejsi and Joseph C. Chen (Threat Researchers) We recently discovered a new campaign that we dubbed “Operation Overtrap” for the numerous ways it can infect or trap victims with its payload. The campaign mainly targets online users of various Japanese banks by stealing their banking credentials using a three-pronged attack. Based on our telemetry
Publish At:2020-03-11 10:23 | Read:689 | Comments:0 | Tags:Malware banking malware banking Trojan Bottle exploit kit Bo

CamuBot Resurfaces With Cross-Channel, Targeted Attacks in Brazil

The malware discussed in this blog saw input from X-Force researchers Andre Piva and Ofir Ozer. It was initially described in a blog post by X-Force’s Maor Wiesen and Limor Kessem. The IBM Trusteer cybercrime research labs specialize in the detection and counteraction of the crimeware and attacks operated by organized cybercrime gangs. In one of our re
Publish At:2020-02-09 10:30 | Read:653 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Bankin

Ursnif Campaign Waves Breaking on Japanese Shores

According to IBM X-Force data on the activity of financial malware operated by organized cybercrime groups, the Ursnif (aka Gozi) banking Trojan was the most active malware code in the financial sector in 2016 and has maintained its dominance through 2017 to date. Ursnif’s activity is marked by both frequent code modifications and campaign activity in
Publish At:2017-10-26 19:35 | Read:5482 | Comments:0 | Tags:Banking & Financial Services Malware Threat Intelligence Ban

Brazilian Malware Client Maximus: Maximizing the Mayhem

In January 2017, IBM X-Force research reported the development of a new remote-access malware code targeting Brazilian banks. The malware, dubbed Client Maximus, was observed in ongoing campaigns and continues to target online banking users in the country. The development of Client Maximus, which is believed to be commercially available in Brazilian fraud an
Publish At:2017-09-12 13:50 | Read:4482 | Comments:0 | Tags:Fraud Protection Malware Threat Intelligence Advanced Threat

Faketoken evolves and targets taxi booking apps to steal banking info

Kaspersky discovered a news strain of the mobile banking Trojan Faketoken that displays overlays on top of taxi booking apps to steal banking information. Security experts from Kaspersky have discovered a news strain of the infamous mobile banking trojan Faketoken that implements capabilities to detect and record an infected device’s calls and display
Publish At:2017-08-18 14:30 | Read:4286 | Comments:0 | Tags:Breaking News Malware Mobile Android Banking Malware Faketok

Tools

Tag Cloud