HackDig : Dig high-quality web security articles

Banking Trojans and Ransomware — A Treacherous Matrimony Bound to Get Worse

The financial malware arena became a mainstream issue a little over a decade ago with the rise of malware like the Zeus Trojan, which at the time was the first commercial banking Trojan available to the cybercrime world. We have come a long way since, and the past decade saw banking Trojans become increasingly sophisticated, specialized and exclusive, operat
Publish At:2020-02-18 09:32 | Read:2075 | Comments:0 | Tags:Malware Threat Intelligence Banking Trojan Botnets Cybercrim

Spelevo exploit kit debuts new social engineering trick

2019 has been a busy year for exploit kits, despite the fact that they haven’t been considered a potent threat vector for years, especially on the consumer side. This time, we discovered the Spelevo exploit kit with its virtual pants down, attempting to capitalize on the popularity of adult websites to compromise more devices. The current Chromium-d
Publish At:2019-12-18 16:50 | Read:2213 | Comments:0 | Tags:Threat analysis EK exploit kit Gozi malvertising Qakbot Qbot

Ursnif Campaign Waves Breaking on Japanese Shores

According to IBM X-Force data on the activity of financial malware operated by organized cybercrime groups, the Ursnif (aka Gozi) banking Trojan was the most active malware code in the financial sector in 2016 and has maintained its dominance through 2017 to date. Ursnif’s activity is marked by both frequent code modifications and campaign activity in
Publish At:2017-10-26 19:35 | Read:6541 | Comments:0 | Tags:Banking & Financial Services Malware Threat Intelligence Ban

Neverquest Gang Takes Leave — Is It the End of the Quest?

I’ll bet no one is missing the Neverquest Trojan, and maybe that’s why many have not even realized one of the top cybergang-operated malware codes has taken a substantial plunge this year. The Neverquest Trojan, a consistent occupant of the top 10 most active banking Trojans in the world, has suffered a blow due to the arrest of one of its allege
Publish At:2017-05-05 01:55 | Read:8335 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

Anatomy of an hVNC Attack

Top-tier financial malware like Dridex, Neverquest and Gozi offer a wide range of malicious capabilities, such as form-grabbing, screen capture, webinjections and more. One notable capability is the hidden virtual network computing (hVNC) module, which allows attackers to gain user-grade access to an infected PC. It’s no secret that banking Trojans con
Publish At:2017-01-25 10:20 | Read:9894 | Comments:0 | Tags:Advanced Threats Banking & Financial Services Fraud Protecti

Cisco Talos profiled the GozNym botnet after cracking the trojan DGA

The Talos team published a detailed analysis of the GozNym botnet, which was possible because the experts cracked the DGA algorithm used by the malware. In April 2015, researchers from IBM X-Force Research discovered a new banking Trojan dubbed the GozNym Trojan that combines the best features of the Gozi ISFB and Nymaim malware. The GozNym has been seen targeting
Publish At:2016-09-28 23:30 | Read:7036 | Comments:0 | Tags:Breaking News Malware botnet Cybercrime Gozi GozNym Trojan m

GozNym Trojan even more sophisticated with a singular redirection mechanism

The cybercriminals behind the GozNym Trojan have started targeting users in European countries with a new singular redirection mechanism. Last week, security experts from IBM X-Force Research spotted a new threat dubbed the GozNym Trojan that combines Gozi ISFB and Nymaim malware abilities. The GozNym Trojan is particularly insidious, according to the resear
Publish At:2016-04-26 15:35 | Read:4578 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime Gozi GozNym Tro

GozNym Trojan combines Gozi ISFB and Nymaim malware abilities

Security experts from IBM X-Force Research spotted a new threat dubbed the GozNym Trojan that combines Gozi ISFB and Nymaim malware abilities. What happens when two threats join their capabilities? Two dangerous Trojans, the Nymaim and Gozi ISFB malware, have been merged to create a new banking Trojan called GozNym. The GozNym Trojan is particularly ins
Publish At:2016-04-16 00:05 | Read:5471 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime Gozi GozNym Tro

Alleged Gozi Co-Author Pleads Guilty As Alleged Citadel, Dridex Attackers Arrested

The author behind one strain of banking malware, Gozi, has pleaded guilty and is awaiting sentencing while two other men, who allegedly had a hand in developing the banking malware Citadel and Dridex, were recently apprehended. Latvian Deniss Calovskis, 30, acknowledged in a federal court in New York on Friday that he wrote some of the code behind Gozi, a Troja
Publish At:2015-09-08 19:45 | Read:4750 | Comments:0 | Tags:Malware citadel Dridex Gozi Hackers krebs malware

Gozi Goes to Bulgaria — Is Cybercrime Heading to Less Chartered Territory?

In what appears to be a trend, another banking Trojan is preparing to attack Eastern Europe. This time it is the Gozi/ISFB Trojan, which just added nine major banks in Bulgaria to its list of targets. What’s New? In early August 2015, IBM Security X-Force researchers analyzed a new Gozi Trojan configuration file that is, according to our data, the firs
Publish At:2015-08-18 13:10 | Read:4777 | Comments:0 | Tags:Threat Intelligence Banking Trojan Gozi Gozi Trojan IBM Secu

Neverquest Trojan Adds New Targets, Capabilities

Researchers have found some recent modifications to the Neverquest banking Trojan that indicate the malware is no longer just targeting online banking sites, but also is going after social media, retailers and some game portals. The new changes also give the Trojan the ability to insert extra fields into targeted Web forms in order to steal PINs and other se
Publish At:2014-09-05 04:00 | Read:3612 | Comments:0 | Tags:Malware Web Security banking trojan Gozi malware Neverquest
