HackDig : Dig high-quality web security articles for hackers

Banking Trojans and Ransomware — A Treacherous Matrimony Bound to Get Worse

The financial malware arena became a mainstream issue a little over a decade ago with the rise of malware like the Zeus Trojan, which at the time was the first commercial banking Trojan available to the cybercrime world. We have come a long way since, and the past decade saw banking Trojans become increasingly sophisticated, specialized and exclusive, operat
Publish At:2020-02-18 09:32 | Read:1412 | Comments:0 | Tags:Malware Threat Intelligence Banking Trojan Botnets Cybercrim

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

The U.S. Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “Evil Corp” and stole roughly $100 million from businesses and consumers. As it happens, for several years KrebsOn
Publish At:2019-12-16 15:35 | Read:1618 | Comments:0 | Tags:A Little Sunshine Ne'er-Do-Well News Target: Small Businesse

The forgotten domain: Exploring a link between Magecart Group 5 and the Carbanak APT

This blog post was authored by Jérôme Segura, William Tsing, and Adam Thomas. In a previous post, we described the possible overlap between certain domains registered by Magecart Group 4 and the Cobalt gang. While attribution is always a difficult endeavor, sharing TTPs can help others to connect the dots between campaigns observed in the wild and threat
Publish At:2019-10-22 11:20 | Read:1710 | Comments:0 | Tags:Threat analysis advanced persistent threats APTs attribution

Neverquest Gang Takes Leave — Is It the End of the Quest?

I’ll bet no one is missing the Neverquest Trojan, and maybe that’s why many have not even realized one of the top cybergang-operated malware codes has taken a substantial plunge this year. The Neverquest Trojan, a consistent occupant of the top 10 most active banking Trojans in the world, has suffered a blow due to the arrest of one of its allege
Publish At:2017-05-05 01:55 | Read:6836 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

The Necurs Botnet: A Pandora’s Box of Malicious Spam

This is the tale of a cybercrime botnet operation that, within about five years of its existence, has been named one of the largest botnets in the world. It’s called the Necurs botnet. It militarizes up to 6 million zombie endpoints, delivers some of the worst banking Trojans and ransomware threats in batches of millions of emails at a time, and it kee
Publish At:2017-04-24 18:00 | Read:7591 | Comments:1 | Tags:Banking & Financial Services Fraud Protection Malware Threat

Dridex’s Cold War: Enter AtomBombing

IBM X-Force discovered that Dridex, one of the most nefarious banking Trojans active in the financial cybercrime arena, recently underwent a major version upgrade that is already active in online banking attacks in Europe. A few weeks ago, our cybercrime labs detected a new major version of the Dridex banking Trojan, Dridex v4. The updated code features a ne
Publish At:2017-03-01 00:05 | Read:5825 | Comments:0 | Tags:Advanced Threats Banking & Financial Services Fraud Protecti

Recent Spam Runs in Germany Show How Threats Intend to Stay in the Game

By Alice Decker, Jasen Sumalapao, and Gilber Sison. In early December, GoldenEye ransomware (detected by Trend Micro as RANSOM_GOLDENEYE.A) was observed targeting German-speaking users—particularly those belonging to the human resource department. GoldenEye, a relabeled version of the Petya (RANSOM_PETYA) and Mischa (RANSOM_MISCHA) ransomware combo, GoldenEy
Publish At:2016-12-30 08:05 | Read:4704 | Comments:0 | Tags:Malware Ransomware Spam CERBER DRIDEX EMOTET GoldenEye Misch

Nǐ Hǎo TrickBot? Dyre Successor Spreads to Asia

The TrickBot Trojan emerged in October 2016 as new banking malware, boasting a code that appears to have more than one feature in common with the Dyre Trojan. From its very early days, TrickBot already possessed the capability to launch redirection attacks, and judging by its rapid development, IBM X-Force researchers believe it is poised to become a rising
Publish At:2016-12-13 18:40 | Read:3937 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

Ne’er-Do-Well News and Cyber Justice

Way back in the last millennium when I was a lowly copy aide at The Washington Post, I pitched the Metro Section editor on an idea for a new column: “And the Good News Is…” The editor laughed me out of her office. But I still think it’s a decent idea — particularly in the context of cybersecurity — to periodically highlight
Publish At:2016-11-04 12:15 | Read:4497 | Comments:0 | Tags:Other A Whole Lot of Nothing LLC Adam Mudd Dridex Dyre Lizar

Cybercrime Overtakes Traditional Crime in UK

In a notable sign of the times, cybercrime has now surpassed all other forms of crime in the United Kingdom, the nation’s National Crime Agency (NCA) warned in a new report. It remains unclear how closely the rest of the world tracks the U.K.’s experience, but the report reminds readers that the problem is likely far worse than the numbers sugges
Publish At:2016-07-15 22:00 | Read:4336 | Comments:0 | Tags:A Little Sunshine The Coming Storm avivah litan Cyber Crime

Dridex and Locky authors revamped the Bart malware

The authors responsible for Dridex and Locky malware have recently made another appearance, this time with their latest release – Bart malware. Similar to other ransomware, infected users are notified of the compromise with their desktop backgrounds changed with a warning, confirming that their files have been encrypted and offering a number of URLs accessib
Publish At:2016-07-01 02:00 | Read:4247 | Comments:0 | Tags:Breaking News Cyber Crime Malware Bart malware Cybercrime Dr

Dridex Launches Dyre-Like Attacks in UK, Intensifies Focus on Business Accounts

IBM X-Force researchers have been following new developments in the Dridex Trojan’s attack methodologies. In their latest alert, researchers divulged a new modus operandi launched by Evil Corp, the cybercrime group that owns and operates the Dridex banking Trojan. Dridex Learns From Dyre: Dridex recently released a new malware build with some internal b
Publish At:2016-01-19 16:25 | Read:5402 | Comments:0 | Tags:Advanced Threats IBM X-Force Malware Threat Intelligence Ban

2015: Cybercrime’s Epic Year

This year in cybercrime was… epic! Every prediction made last year has not only materialized, but exceeded expectations. Increases in attacks, technical sophistication and higher losses than ever imagined painted a new cyber reality in the past 12 months. What was so different in 2015? Wasn’t it just more of the same? Well, not quite. As the year
Publish At:2015-12-08 11:45 | Read:4686 | Comments:0 | Tags:Advanced Threats IBM X-Force Threat Intelligence Carbanak Cy

DRIDEX: Down, But Not Out

On October 13, American and British law enforcement took action against the notorious DRIDEX botnet with the goal of stopping the activities of the notorious online banking threat. U.S. Attorney David J. Hickton of the Western District of Pennsylvania called the operation a “technical disruption and a blow to one of the most pernicious malware threats
Publish At:2015-11-07 04:30 | Read:5095 | Comments:0 | Tags:Bad Sites Malware botnet DRIDEX DRIDEX botnet FBI law enforc

Dridex Botnets are still active and effective

The Dridex Banking Trojan has risen again despite the recent operation conducted by law enforcement on a global scale. Spam campaigns relying on the Dridex malware continue to threaten banking users across the world despite the operations conducted by law enforcement on a global scale. We left Dridex malware spreading across t
Publish At:2015-10-27 10:20 | Read:5687 | Comments:0 | Tags:Breaking News Cyber Crime Malware banking trojan Cybercrime

