HackDig : Dig high-quality web security articles

Ursnif Leverages Cerberus to Automate Fraudulent Bank Transfers in Italy

Contributed to this research: Segev Fogel, Amir Gendler and Nethanella Messer. IBM Trusteer researchers continually monitor the evolution and attack tactics in the banking sector. In a recent analysis, our team found that an Ursnif (aka Gozi) banking Trojan variant is being used in the wild to target online banking users in Italy with mobile malware.
Publish At:2021-06-23 17:03 | Read:500 | Comments:0 | Tags:Advanced Threats Banking & Finance Fraud Protection Incident

What is Ghimob Malware?

A new Android malware strain ‘Ghimob’ is mimicking third-party mobile (mainly banking) apps to spy and steal user data when downloaded and installed. This Trojan virus steals data from users, primarily targeting online banking and cryptocurrency. As of the end of 2020, it is believed to siphon data from more than 153 apps by asking for accessibi
Publish At:2021-05-07 09:51 | Read:622 | Comments:0 | Tags:Mobile Security Software & App Vulnerabilities Banking & Fin

IBM Trusteer Exposes Massive Fraud Operation Facilitated by Evil Mobile Emulator Farms

IBM Security Trusteer’s mobile security research team has recently discovered a major mobile banking fraud operation that managed to steal millions of dollars from financial institutions in Europe and the US within a matter of days in each attack before being intercepted and halted. This is the work of a professional and organized gang that uses an in
Publish At:2020-12-15 18:29 | Read:767 | Comments:0 | Tags:Banking & Financial Services Malware Bank Fraud Banking Malw

New Vizom Malware Discovered Targets Brazilian Bank Customers with Remote Overlay Attacks

IBM Security Trusteer researchers have discovered a new malware code and active campaign targeting online banking users in Brazil. The malware, coined “Vizom” by the team, uses familiar remote overlay attack tactics to take over user devices in real time, as the intended victim logs in, and then initiates fraudulent transactions from their bank
Publish At:2020-10-19 09:46 | Read:1036 | Comments:0 | Tags:Banking & Financial Services Malware Advanced Malware Bankin

Jackpotting Reveals Openings in Proprietary Software

Jackpotting, an older ATM theft technique, could show security operations team members what to look out for when it comes to Internet of things (IoT) attacks in general, and even election machine vulnerabilities. This technique first entered the U.S. cybersecurity lexicon in 2018, when Brian Krebs warned of attacks at American ATMs. Jackpotting, Krebs
Publish At:2020-09-14 10:37 | Read:1107 | Comments:0 | Tags:Advanced Threats Fraud Protection Malware ATM ATM Malware Ba

Source code of Cerberus Android Trojan offered for sale for $100,000

The authors of the Android Cerberus banking trojan are auctioning the project for a price starting at $50,000; for $100K the deal could be closed immediately. The authors of the notorious Cerberus Android banking trojan are auctioning their project for a price starting at $50,000, but buyers could close the deal for $100,000. The overall project inclu
Publish At:2020-07-27 15:20 | Read:1641 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Banking Malware Ce

BlackRock Android Banking Malware Targeting 337 Mobile Apps

Security researchers discovered a new Android banking malware family called “BlackRock” that targets 337 mobile applications. ThreatFabric found that BlackRock hid its icon when it first launched itself on a mobile device. It then posed as a Google update in an attempt to gain access to a user’s Accessibility Service. Once it received access
Publish At:2020-07-16 11:51 | Read:1070 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Android

Ginp Malware Operations are on the Rise, Aiming to Expand in Turkey

The Ginp mobile banking malware, which emerged in late 2019, is one of the most prevalent Android banking malware families today. It started as a simple short message service (SMS) stealer and rapidly evolved into one of the most advanced actors in the financial fraud landscape. Ginp has primarily targeted Spanish banks, but recent evidence suggests the m
Publish At:2020-06-18 12:15 | Read:1515 | Comments:0 | Tags:Application Security Banking & Financial Services Data Prote

New Android Banking Trojan Targets Spanish, Portuguese Speaking Users

IBM X-Force research recently analyzed a new Android banking Trojan that appears to be targeting users in countries that speak Spanish or Portuguese, namely Spain, Portugal, Brazil and other parts of Latin America. This Trojan, which was created atop an existing, simpler SMSstealer.BR, was supplemented with more elaborate overlay capabilities. That portion o
Publish At:2020-04-21 06:45 | Read:2219 | Comments:0 | Tags:Malware Mobile Security Android Android Malware Banking Malw

A Brand New Ursnif/ISFB Campaign Targets Italian Organizations

Cybaze-Yoroi ZLab researchers spotted a new variant of Ursnif that is targeting organizations in Italy. Introduction: Ursnif is one of the most widespread threats, delivered through malspam campaigns aimed at multiple industries across Italy and Europe. Recently, we have identified a new variant that is targeting Italian organiz
Publish At:2020-04-17 21:53 | Read:1761 | Comments:0 | Tags:Breaking News Cyber Crime Malware Banking Malware Hacking ha

Grandoreiro Malware Now Targeting Banks in Spain

During the past few months, IBM X-Force researchers have noticed that a familiar malware threat that typically affects bank customers in Brazil has spread to attack banks in Spain. The rise in campaigns prompted us to look into it further. Grandoreiro, a remote-overlay banking Trojan, has migrated to Spain without significant modification, proving that attackers
Publish At:2020-04-13 10:30 | Read:1780 | Comments:0 | Tags:Malware Threat Research Banking Banking Malware Banking Troj

Breaking the Ice: A Deep Dive Into the IcedID Banking Trojan’s New Major Version Release

The IcedID banking Trojan was discovered by IBM X-Force researchers in 2017. At that time, it targeted banks, payment card providers, mobile services providers, payroll, webmail and e-commerce sites, mainly in the U.S. IcedID has since continued to evolve, and while one of its more recent versions became active in late-2019, X-Force researchers have identifi
Publish At:2020-04-01 07:12 | Read:2053 | Comments:0 | Tags:Fraud Protection Malware Threat Research Banking Malware Ban

Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy

The recent months have created a new reality in the world as the novel Coronavirus pandemic spread from country to country raising concerns among people everywhere. With spammers and malware distributors already being accustomed to riding trending news, the COVID-19 theme has been exploited thoroughly by a large variety of spam and malspam campaigns. It appe
Publish At:2020-03-30 02:05 | Read:2702 | Comments:0 | Tags:Malware Threat Intelligence Banking Malware Banking Trojan C

TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany

IBM X-Force researchers recently analyzed an Android malware app that’s likely being pushed to infected users by the TrickBot Trojan. This app, dubbed “TrickMo” by our team, is designed to bypass strong authentication methods that bank customers use when they need to authorize a transaction. Though it’s not the first of its kind, this
Publish At:2020-03-24 07:55 | Read:1982 | Comments:0 | Tags:Advanced Threats Risk Management Threat Intelligence Android

Operation Overtrap Targets Japanese Online Banking Users Via Bottle Exploit Kit and Brand-New Cinobi Banking Trojan

By Jaromir Horejsi and Joseph C. Chen (Threat Researchers) We recently discovered a new campaign that we dubbed “Operation Overtrap” for the numerous ways it can infect or trap victims with its payload. The campaign mainly targets online users of various Japanese banks by stealing their banking credentials using a three-pronged attack. Based on our telemetry
Publish At:2020-03-11 10:23 | Read:2024 | Comments:0 | Tags:Malware banking malware banking Trojan Bottle exploit kit Bo
