HackDig : Dig high-quality web security articles for hacker

Neverquest Gang Takes Leave — Is It the End of the Quest?

I’ll bet no one is missing the Neverquest Trojan, and maybe that’s why many have not even realized one of the top cybergang-operated malware codes has taken a substantial plunge this year. The Neverquest Trojan, a consistent occupant of the top 10 most active banking Trojans in the world, has suffered a blow due to the arrest of one of its allege
Publish At:2017-05-05 01:55 | Read:5145 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

The Necurs Botnet: A Pandora’s Box of Malicious Spam

This is the tale of a cybercrime botnet operation that, within about five years of its existence, has been named one of the largest botnets in the world. It’s called the Necurs botnet. It militarizes up to 6 million zombie endpoints, delivers some of the worst banking Trojans and ransomware threats in batches of millions of emails at a time, and it kee
Publish At:2017-04-24 18:00 | Read:5448 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

Dridex’s Cold War: Enter AtomBombing

IBM X-Force discovered that Dridex, one of the most nefarious banking Trojans active in the financial cybercrime arena, recently underwent a major version upgrade that is already active in online banking attacks in Europe. A few weeks ago, our cybercrime labs detected a new major version of the Dridex banking Trojan, Dridex v4. The updated code features a ne
Publish At:2017-03-01 00:05 | Read:3990 | Comments:0 | Tags:Advanced Threats Banking & Financial Services Fraud Protecti

Recent Spam Runs in Germany Show How Threats Intend to Stay in the Game

By Alice Decker, Jasen Sumalapao, and Gilber Sison. In early December, GoldenEye ransomware (detected by Trend Micro as RANSOM_GOLDENEYE.A) was observed targeting German-speaking users—particularly those belonging to the human resource department. GoldenEye, a relabeled version of the Petya (RANSOM_PETYA) and Mischa (RANSOM_MISCHA) ransomware combo, GoldenEy
Publish At:2016-12-30 08:05 | Read:2969 | Comments:0 | Tags:Malware Ransomware Spam CERBER DRIDEX EMOTET GoldenEye Misch

Nǐ Hǎo TrickBot? Dyre Successor Spreads to Asia

The TrickBot Trojan emerged in October 2016 as new banking malware, boasting a code that appears to have more than one feature in common with the Dyre Trojan. From its very early days, TrickBot already possessed the capability to launch redirection attacks, and judging by its rapid development, IBM X-Force researchers believe it is poised to become a rising
Publish At:2016-12-13 18:40 | Read:2703 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

Ne’er-Do-Well News and Cyber Justice

Way back in the last millennium when I was a lowly copy aide at The Washington Post, I pitched the Metro Section editor on an idea for new column: “And the Good News Is…” The editor laughed me out of her office. But I still think it’s a decent idea — particularly in the context of cybersecurity — to periodically highlight
Publish At:2016-11-04 12:15 | Read:2944 | Comments:0 | Tags:Other A Whole Lot of Nothing LLC Adam Mudd Dridex Dyre Lizar

Cybercrime Overtakes Traditional Crime in UK

In a notable sign of the times, cybercrime has now surpassed all other forms of crime in the United Kingdom, the nation’s National Crime Agency (NCA) warned in a new report. It remains unclear how closely the rest of the world tracks the U.K.’s experience, but the report reminds readers that the problem is likely far worse than the numbers sugges
Publish At:2016-07-15 22:00 | Read:2919 | Comments:0 | Tags:A Little Sunshine The Coming Storm avivah litan Cyber Crime

Dridex and Locky authors revamped the Bart malware

The authors responsible for Dridex and Locky malware have recently made another appearance, this time with their latest release – Bart malware. Similar to other ransomware, infected users are notified of the compromise with their desktop backgrounds changed with a warning, confirming that their files have been encrypted and offering a number of URLs accessib
Publish At:2016-07-01 02:00 | Read:2753 | Comments:0 | Tags:Breaking News Cyber Crime Malware Bart malware Cybercrime Dr

Dridex Launches Dyre-Like Attacks in UK, Intensifies Focus on Business Accounts

IBM X-Force researchers have been following new developments in the Dridex Trojan’s attack methodologies. In their latest alert, researchers divulged a new modus operandi launched by Evil Corp, the cybercrime group that owns and operates the Dridex banking Trojan. Dridex Learns From Dyre Dridex recently released a new malware build with some internal b
Publish At:2016-01-19 16:25 | Read:4037 | Comments:0 | Tags:Advanced Threats IBM X-Force Malware Threat Intelligence Ban

2015: Cybercrime’s Epic Year

This year in cybercrime was… epic! Every prediction made last year has not only materialized, but exceeded expectations. Increases in attacks, technical sophistication and higher losses than ever imagined painted a new cyber reality in the past 12 months. What was so different in 2015? Wasn’t it just more of the same? Well, not quite. As the year
Publish At:2015-12-08 11:45 | Read:2869 | Comments:0 | Tags:Advanced Threats IBM X-Force Threat Intelligence Carbanak Cy

DRIDEX: Down, But Not Out

On October 13, American and British law enforcement took action against the notorious DRIDEX botnet with the goal of stopping the activities of the notorious online banking threat. U.S. Attorney David J. Hickton of the Western District of Pennsylvania called the operation a “technical disruption and a blow to one of the most pernicious malware threats
Publish At:2015-11-07 04:30 | Read:3787 | Comments:0 | Tags:Bad Sites Malware botnet DRIDEX DRIDEX botnet FBI law enforc

Dridex Botnets are still active and effective

The Dridex Banking Trojan has risen again despite the recent operation conducted by law enforcement on a global scale. Spam campaign relying on the Dridex malware continues to threaten banking users across the world despite the operations conducted by law enforcement on a global scale. We left Dridex malware spreading across t
Publish At:2015-10-27 10:20 | Read:4070 | Comments:0 | Tags:Breaking News Cyber Crime Malware banking trojan Cybercrime

New Campaign Shows Dridex Active, Targeting French

Two weeks after authorities announced they had taken down the botnet behind the banking malware Dridex, new research suggests the threat is alive and well. Researchers with the firm Invincea announced today that they’ve noticed 60 instances of attackers dropping Dridex on users in France, just over the past four days. As part of a newly reinvigorated ca
Publish At:2015-10-26 15:40 | Read:2882 | Comments:0 | Tags:Malware Uncategorized Brad Duncan Dridex Invincea SANS Inter

Android.Fakelogin Trojan Targeting Banking Apps with Customized Phishing Pages

Researchers have identified a new Trojan that targets mobile banking apps with customized phishing pages in an attempt to steal users’ login credentials. According to a blog post recently published by security firm Symantec, the Trojan, which has been named “Android.Fakelogin”, is targeting primarily Russian mobile users. The malware comes i
Publish At:2015-10-23 14:30 | Read:2621 | Comments:0 | Tags:Latest Security News Android.Fakelogin banking Dridex Phishi

Beware of DOC! A look on malicious macros

Some malware families often use spam campaigns as a method of distribution. Usually they deploy simple social engineering tricks – trying to deliver packed executable in disguise of a document, i.e. PDF (as we mentioned before). Such trick may fool some users – however, more advanced of them will notice that the real extension of the file is .exe
Publish At:2015-10-23 08:50 | Read:3219 | Comments:0 | Tags:Malware Analysis dridex macro spam
