HackDig : Dig high-quality web security articles for hacker

Stealthy new Android malware poses as ad blocker, serves up ads instead

Since its discovery less than a month ago, a new Trojan malware for Android we detect as Android/Trojan.FakeAdsBlock has already been seen on over 500 devices, and it’s on the rise. This nasty piece of mobile malware cleverly hides itself on Android devices while serving up a host of advertisements: full-page ads, ads delivered when opening the default brows
Publish At:2019-11-14 16:50 | Read:28 | Comments:0 | Tags:Android ads blocker android malware android trojan Android/T

Titanium: the Platinum group strikes again

Platinum is one of the most technologically advanced APT actors with a traditional focus on the APAC region. During recent analysis we discovered Platinum using a new backdoor that we call Titanium (named after a password to one of the self-executable archives). Titanium is the final result of a sequence of dropping, downloading and installing stages. The ma
Publish At:2019-11-12 01:05 | Read:91 | Comments:0 | Tags:APT reports Featured Backdoor fileless malware Malware Descr

Mac Malware that Spoofs Trading App Steals User Information, Uploads it to Website

by Luis Magisa. Unlike in the pre-internet era, when trading in the stock or commodities market involved a phone call to a broker — a move which often meant additional fees for would-be traders — the rise of trading apps placed the ability to trade in the hands of ordinary users. However, their popularity has led to their abuse by cybercriminals who create fa
Publish At:2019-09-20 08:20 | Read:306 | Comments:0 | Tags:Mac Malware app Trojan

Agent 1433: remote attack on Microsoft SQL Server

All over the world, companies large and small use Microsoft SQL Server for database management. Highly popular yet insufficiently protected, this DBMS is a target of choice for hacking. One of the most common attacks on Microsoft SQL Server — the remote attack based on malicious jobs — has been around for a long time, but it is still used to get access to work
Publish At:2019-09-19 18:20 | Read:237 | Comments:0 | Tags:Research Backdoor Microsoft SQL Passwords Trojan

CVs, the perfect tool to deliver malware

Cybercriminals have a litany of techniques to get onto their victims’ IT systems: vulnerabilities, social networks, and even snail mail. The most popular method, however, is email: according to sources in the sector, 91% of cybercrime starts with a phishing email. Quasar: a new version of a popular tactic. Towards the end of August, security researchers disco
Publish At:2019-09-19 17:05 | Read:274 | Comments:0 | Tags:Malware Security business Phishing resumes Trojan

Diving Into Zberp’s Unconventional Process Injection Technique

IBM X-Force Research recently discovered a small-scale malware campaign involving a Neutrino bot, aka Kasidet, dropping a payload that contains two Zeus malware breeds: Atmos and Zberp. Both of these codes are based on the leaked source code of the Zeus V2 banking Trojan that was exposed publicly in 2011. The Zberp Trojan, which is a subvariant of ZeusVM mix
Publish At:2017-10-22 05:01 | Read:4804 | Comments:0 | Tags:Malware X-Force Research Banking Trojan Carberp Carberp sour

Zeus is Still the Base of Many Current Trojans

In 2007, no one expected ZeuS to have such a brutal impact on the digital world. But two years later, Zbot, another of the names it is known by, became a milestone in the history of cybersecurity. With more than 3.6 million infected computers in 2009, ZeuS compromised more than 74,000 FTP accounts on such important networks as those of NASA, ABC, Oracle, Cis
Publish At:2017-09-27 15:10 | Read:2616 | Comments:0 | Tags:Panda Security b2b Trojan zbot zeus

EMOTET Returns, Starts Spreading via Spam Botnet

We first detected the banking malware EMOTET back in 2014; we looked into the banking malware’s routines and behaviors and took note of its information stealing abilities via network sniffing. After a period of relative inactivity, it appears it’s making a comeback with increased activity from new variants (Detected by Trend Micro as TSPY_EMOTET.AUSJLA
Publish At:2017-09-07 22:45 | Read:4052 | Comments:0 | Tags:Botnets Malware botnet EMOTET Trojan

Where Are They Today? Cybercrime Trojans That No One Misses: Shifu Malware

This is the first installment in an ongoing series about banking malware that faded away in 2017. Cybercrime is a very dynamic threat landscape. With over 100 million malware strains tracked by AV-TEST in 2016, malware can be a dime a dozen. When it comes to the more organized cybercrime groups and sophisticated banking Trojan projects, malware families are
Publish At:2017-08-08 16:20 | Read:3214 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

TrickBot Habla Español: Trojan Widens Its Attack Scope in Spain, Brings Redirection Attacks to Local Banks

The TrickBot Trojan has been steadily ramping up its activity this year, going into a rather intensive period of updates and attacks that started in Q2 2017. From the looks of it, TrickBot’s operators have been investing heavily into widening the scope of their attacks and are preparing redirection attacks against banks in 19 different countries. After
Publish At:2017-07-19 08:05 | Read:3530 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

The Magala Trojan Clicker: A Hidden Advertising Threat

One large group will slowly conquer another large group, reduce its numbers, and thus lessen its chance of further variation and improvement. <…> Small and broken groups and sub-groups will finally tend to disappear. Charles Darwin. ‘On the Origin of Species’. The golden age of Trojans and viruses has long gone. Malicious programs
Publish At:2017-07-12 10:00 | Read:3029 | Comments:0 | Tags:Research Adware PUPs Trojan

TrickBot Spreads to the Nordics, Launches Redirection Attacks in France

IBM X-Force Research detected a new wave of TrickBot attacks targeting banks in Nordic countries. The malware expanded its configurations to launch fraud attacks against banks in Sweden, Finland, Norway, Denmark and Iceland, among the other geographies it targets. Moreover, the malware, which has been testing redirection attacks on one bank in France, now ta
Publish At:2017-06-20 22:45 | Read:3759 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

Zeus Sphinx Pushes Empty Configuration Files — What Has the Sphinx Got Cooking?

Lately, IBM X-Force Research has seen the Zeus Sphinx Trojan go through a targetless phase, an exceedingly rare occurrence in the cybercrime arena. Recent Zeus Sphinx samples have fetched configuration files in which all the target URLs were removed. This means that while Sphinx infection campaigns continue and the malware can infect new machines, it remains
Publish At:2017-06-15 13:50 | Read:4080 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

Emerging Matrix Banker Trojan is targeting banks in Latin America

Security Experts at Arbor Networks have spotted a new banking trojan, initially called ‘Matrix Banker’, that is targeting Latin America. Malware researchers at Arbor Networks have spotted a new banking trojan, initially called ‘Matrix Banker’, that is targeting Latin America. The malicious code seems to be still under development, mo
Publish At:2017-06-14 02:05 | Read:3358 | Comments:0 | Tags:Breaking News Cyber Crime Malware banking Cybercrime malware

Dvmap: the first Android malware with code injection

In April 2017 we started observing new rooting malware being distributed through the Google Play Store. Unlike other rooting malware, this Trojan not only installs its modules into the system, it also injects malicious code into the system runtime libraries. Kaspersky Lab products detect it as Trojan.AndroidOS.Dvmap.a. The distribution of rooting malware thr
Publish At:2017-06-08 15:45 | Read:4934 | Comments:0 | Tags:Featured Mobile code injection Google Android Mobile Malware

