HackDig : Dig high-quality web security articles for hackers

Shining a light on “Silent Night” Zloader/Zbot

When it comes to banking Trojans, ZeuS is probably the most famous one ever released. Since its source code originally leaked in 2011, several new variants proliferated online. That includes a past fork called Terdot Zbot/Zloader, which we extensively covered in 2017. But recently, we observed another bot, with a design reminiscent of ZeuS, that seems to
Publish At:2020-05-24 07:20 | Read:621 | Comments:0 | Tags:Malware Threat analysis banking Trojan banking Trojans HYAS

Mariposa Botnet Author, Darkcode Crime Forum Admin Arrested in Germany

A Slovenian man convicted of authoring the destructive and once-prolific Mariposa botnet and running the infamous Darkode cybercrime forum has been arrested in Germany on request from prosecutors in the United States, who’ve recently re-indicted him on related charges. NiceHash CTO Matjaž “Iserdo” Škorjanc, as pictured on the front page of
Publish At:2019-10-01 16:40 | Read:1726 | Comments:0 | Tags:Ne'er-Do-Well News Butterfly Bot Darkode fubar Iserdo maripo

Diving Into Zberp’s Unconventional Process Injection Technique

IBM X-Force Research recently discovered a small-scale malware campaign involving a Neutrino bot, aka Kasidet, dropping a payload that contains two Zeus malware breeds: Atmos and Zberp. Both of these codes are based on the leaked source code of the Zeus V2 banking Trojan that was exposed publicly in 2011. The Zberp Trojan, which is a subvariant of ZeusVM mix
Publish At:2017-10-22 05:01 | Read:6695 | Comments:0 | Tags:Malware X-Force Research Banking Trojan Carberp Carberp sour

Zeus is Still the Base of Many Current Trojans

In 2007, no one expected ZeuS to have such a brutal impact on the digital world. But two years later, Zbot, another of the names it is known by, became a milestone in the history of cybersecurity. With more than 3.6 million infected computers in 2009, ZeuS compromised more than 74,000 FTP accounts on such important networks as those of NASA, ABC, Oracle, Cis
Publish At:2017-09-27 15:10 | Read:4239 | Comments:0 | Tags:Panda Security b2b Trojan zbot zeus

A Russian man involved in the development and maintenance of Citadel was sentenced to five years in prison

The Russian hacker Mark Vartanyan was sentenced to five years in prison for his involvement in the development and maintenance of the Citadel botnets. It’s a terrific moment for cyber criminals; law enforcement worldwide continues its fight against illegal activities online, and the recent shutdown of the AlphaBay and Hansa black markets demonstrates it.
Publish At:2017-07-23 05:40 | Read:4406 | Comments:0 | Tags:Breaking News Cyber Crime Malware banking trojan Citadel Cyb

Neutrino modification for POS-terminals

From time to time authors of effective and long-lived Trojans and viruses create new modifications and forks of them, like any other software authors. One of the brightest examples amongst them is Zeus (Trojan-Spy.Win32.Zbot, based on classification of “Kaspersky Lab”), which continues to spawn new modifications of itself each year. In a strange
Publish At:2017-06-27 20:10 | Read:5008 | Comments:0 | Tags:Research POS malware Trojan-Bankers ZeuS

Zeus Sphinx Pushes Empty Configuration Files — What Has the Sphinx Got Cooking?

Lately, IBM X-Force Research has seen the Zeus Sphinx Trojan go through a targetless phase, an exceedingly rare occurrence in the cybercrime arena. Recent Zeus Sphinx samples have fetched configuration files in which all the target URLs were removed. This means that while Sphinx infection campaigns continue and the malware can infect new machines, it remains
Publish At:2017-06-15 13:50 | Read:5551 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

Around the World With Zeus Sphinx: From Canada to Australia and Back

IBM X-Force researchers recently identified new infection campaigns delivering distinct Zeus Sphinx Trojan variants to online banking users in Canada and Australia. This is the first time our researchers have observed Sphinx campaigns with dedicated configurations targeting financial institutions in either of the two countries. We believe they are part of on
Publish At:2017-01-26 23:10 | Read:4354 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

All About Fraud: How Crooks Get the CVV

A longtime reader recently asked: “How do online fraudsters get the 3-digit card verification value (CVV or CVV2) code printed on the back of customer cards if merchants are forbidden from storing this information?” The answer: If not via phishing, probably by installing a Web-based keylogger at an online merchant so that all data that customers submit
Publish At:2016-04-26 23:50 | Read:4927 | Comments:0 | Tags:A Little Sunshine Web Fraud 2.0 bsides Burns-Wilcox citysec

Brazen no more, makers of account-draining bank trojan get 24 years

Two men who built and sold a banking trojan that infected more than 50 million computers around the world and caused almost $1 billion in losses have been sentenced to a combined 24 years in prison. Aleksandr Andreevich Panin, the chief developer and distributor of SpyEye, received a sentence of nine years and six months in federal prison, according to a stat
Publish At:2016-04-21 22:10 | Read:3681 | Comments:0 | Tags:Law & Disorder Risk Assessment Technology Lab Uncategorized

FBI: $2.3 Billion Lost to CEO Email Scams

The U.S. Federal Bureau of Investigation (FBI) this week warned about a “dramatic” increase in so-called “CEO fraud,” e-mail scams in which the attacker spoofs a message from the boss and tricks someone at the organization into wiring funds to the fraudsters. The FBI estimates these scams have cost organizations more than $2.3 billion
Publish At:2016-04-18 15:05 | Read:4714 | Comments:0 | Tags:A Little Sunshine Latest Warnings The Coming Storm ceo fraud

UK Banks Hit With New Zeus Sphinx Variant and Renewed Kronos Banking Trojan Attacks

Two recent discoveries by IBM Security X-Force researchers indicate that the U.K. is seeing an increased wave of banking Trojan attacks from two families linked with the Zeus Trojan: Sphinx and Kronos. In the first case, X-Force researchers are the first to confirm that beyond seeing underground posts of cybercriminals selling a new Zeus variant dubbed Sphin
Publish At:2015-10-02 08:05 | Read:4801 | Comments:0 | Tags:IBM X-Force Malware Banking Trojan crimeware Cybercrime IBM

Arrests Tied to Citadel, Dridex Malware

Authorities in Europe have arrested alleged key players behind the development and deployment of sophisticated banking malware, including Citadel and Dridex. The arrests involved a Russian national and a Moldovan man, both of whom were traveling or residing outside of their native countries and are now facing extradition to the United States. Last week, a 30
Publish At:2015-09-27 11:50 | Read:4096 | Comments:0 | Tags:Ne'er-Do-Well News Aquabox Business Club Citadel cyberheists

Shifu: ‘Masterful’ New Banking Trojan Is Attacking 14 Japanese Banks

Co-authored by Denis Laskov and Ilya Kolmanovich A brand-new advanced banking Trojan discovered in the wild has been named “Shifu” by IBM Security X-Force, after the Japanese word for thief. The malware appears to have been active since as early as April 2015; it was unearthed by IBM Security antifraud platforms through continuous protection of c
Publish At:2015-08-31 17:50 | Read:4425 | Comments:0 | Tags:Advanced Threats IBM X-Force Malware Threat Intelligence Ban

Sphinx, a new variant of Zeus available for sale in the underground

A new variant of the popular Zeus banking trojan, dubbed Sphinx, has appeared for sale on the black market; it operates entirely through the Tor network. A few days ago a new variant of the popular Zeus banking trojan was offered for sale on the black market; its name is Sphinx. Sphinx code is written in C++ and is based on t
Publish At:2015-08-26 15:50 | Read:3404 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware banking trojan Cyb

