HackDig : Dig high-quality web security articles for hacker

Mouseover PowerPoint attack exploited to deliver the Gootkit Trojan

Experts at Trend Micro observed a spam campaign leveraging the PowerPoint ‘Mouseover’ attack to deliver the Gootkit banking Trojan. Earlier this week, the security expert Ruben Daniel Dodge published an interesting post on a new technique to deliver malware through PowerPoint files leveraging mouseover events. Now experts at Trend Micro reveal
Publish At:2017-06-10 06:00 | Read:3332 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware banking trojan Goo

Mouse Over, Macro: Spam Run in Europe Uses Hover Action to Deliver Banking Trojan

by Rubio Wu and Marshall Chen (Threats Analysts) While many of today’s malware sport relatively new capabilities, most of their authors or operators still use old techniques to deliver them. Malicious macros and shortcut (LNK) files are still used in ransomware, banking Trojans, and targeted attacks, for instance. These methods may be tried-and-tested, but w
Publish At:2017-06-09 18:00 | Read:3574 | Comments:0 | Tags:Malware Spam Gootkit Mouseover OTLARD

GootKit Malvertising Brings Redirection Attacks to Italian Banks

Earlier in May, I reported that GootKit had launched redirection attacks for the first time. The malware prepared for its new modus operandi in the U.K., targeting major banks there with this advanced browsing manipulation attack. I also predicted that this was just a test and that we’re about to see more. That prediction has come true. GootKit officia
Publish At:2017-05-24 00:45 | Read:3868 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

GootKit Launches Redirection Attacks in the UK

While going over some recent GootKit configurations, I came across an unfamiliar URL format that includes two URLs instead of one. It only takes a fraction of a second to understand: GootKit has launched redirection attacks — a more advanced way to manipulate online banking sessions than the typical webinjection attacks its operators had used up until now. M
Publish At:2017-05-14 01:10 | Read:2930 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

GootKit Developers Dress It Up With Web Traffic Proxy

Discovered in summer of 2014, GootKit is widely considered one of the most sophisticated banking Trojans active in the wild. The malware is being used in online banking fraud attacks on consumer and business accounts, mostly in the U.K. and other parts of Europe. In this blog post, I will describe my analysis of a recent GootKit sample (MD5: 60e079ec28d47ef8
Publish At:2017-03-01 18:35 | Read:4257 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

GootKit and Godzilla End 2016 Strong with New Malware Campaigns

Two malware families known as GootKit and Godzilla are closing out the year strong with separate campaigns designed to harvest users’ financial information. In Canada, the GootKit trojan is targeting members of several financial institutions. The campaign begins when a user receives a spam message that appears to have originated from a trusted actor lik
Publish At:2016-12-29 23:50 | Read:4395 | Comments:0 | Tags:Latest Security News Cerber Godzilla GootKit malware Nemucod

Fake Judicial Spam Leads to Backdoor with Fake Certificate Authority

Recently, we’ve come across an interesting spam campaign aimed at French users. The campaign itself uses a well-crafted lure that is likely to catch the attention of its would-be victims. In addition, the malware used – the GootKit backdoor – contains several unusual technical characteristics. Both of these highlight how this campaign was quite w
Publish At:2015-03-30 22:05 | Read:3937 | Comments:0 | Tags:Malware Spam France Gootkit judicial spam

