HackDig : Dig high-quality web security articles for hacker

Breaking the Ice: A Deep Dive Into the IcedID Banking Trojan’s New Major Version Release

The IcedID banking Trojan was discovered by IBM X-Force researchers in 2017. At that time, it targeted banks, payment card providers, mobile services providers, payroll, webmail and e-commerce sites, mainly in the U.S. IcedID has since continued to evolve, and while one of its more recent versions became active in late-2019, X-Force researchers have identifi
Publish At:2020-04-01 07:12 | Read:201 | Comments:0 | Tags:Fraud Protection Malware Threat Research Banking Malware Ban

Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy

The recent months have created a new reality in the world as the novel Coronavirus pandemic spread from country to country raising concerns among people everywhere. With spammers and malware distributors already being accustomed to riding trending news, the COVID-19 theme has been exploited thoroughly by a large variety of spam and malspam campaigns. It appe
Publish At:2020-03-30 02:05 | Read:188 | Comments:0 | Tags:Malware Threat Intelligence Banking Malware Banking Trojan C

Fake Coronavirus Finder spread Ginp Mobile Banker

Security experts have spotted a new COVID-themed campaign aimed at distributing the Ginp Mobile Banker with “Coronavirus Finder” lure. With the COVID19 outbreak, the number of Coronavirus-themed attacks is rapidly increasing. Kaspersky Lab experts have uncovered a malicious campaign that is spreading the Android banking trojan Ginp masquerade
Publish At:2020-03-25 12:17 | Read:224 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile banking trojan coro

TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany

IBM X-Force researchers recently analyzed an Android malware app that’s likely being pushed to infected users by the TrickBot Trojan. This app, dubbed “TrickMo” by our team, is designed to bypass strong authentication methods that bank customers use when they need to authorize a transaction. Though it’s not the first of its kind, this
Publish At:2020-03-24 07:55 | Read:209 | Comments:0 | Tags:Advanced Threats Risk Management Threat Intelligence Android

Experts found a new TrickBot module (rdpScanDll) built for RDP bruteforcing operations

A new variant of the TrickBot malware is targeting telecommunications organizations in the United States and Hong Kong. Security experts from Bitdefender recently discovered a new TrickBot variant that is targeting telecommunications organizations in the United States and Hong Kong. TrickBot is a popular banking Trojan that has been around since Octob
Publish At:2020-03-19 19:44 | Read:203 | Comments:0 | Tags:Breaking News Hacking Malware banking trojan hacking news in

Operation Overtrap Targets Japanese Online Banking Users Via Bottle Exploit Kit and Brand-New Cinobi Banking Trojan

By Jaromir Horejsi and Joseph C. Chen (Threat Researchers) We recently discovered a new campaign that we dubbed “Operation Overtrap” for the numerous ways it can infect or trap victims with its payload. The campaign mainly targets online users of various Japanese banks by stealing their banking credentials using a three-pronged attack. Based on our telemetry
Publish At:2020-03-11 10:23 | Read:169 | Comments:0 | Tags:Malware banking malware banking Trojan Bottle exploit kit Bo

Banking Trojans and Ransomware — A Treacherous Matrimony Bound to Get Worse

The financial malware arena became a mainstream issue a little over a decade ago with the rise of malware like the Zeus Trojan, which at the time was the first commercial banking Trojan available to the cybercrime world. We have come a long way since, and the past decade saw banking Trojans become increasingly sophisticated, specialized and exclusive, operat
Publish At:2020-02-18 09:32 | Read:281 | Comments:0 | Tags:Malware Threat Intelligence Banking Trojan Botnets Cybercrim

Sextortion Scams Delivered by Emotet Net 10 Times More Than Necurs Sextortion — Here’s Why

Recent spam campaigns from Emotet featured sextortion content very similar to emails previously sent by the Necurs botnet. However, Emotet spam ended up netting 10 times the amount that a comparable Necurs campaign did — within a matter of six hours. Why was Emotet so much more successful with the same type of ploy? Two factors played into this. First, Emote
Publish At:2020-02-15 17:18 | Read:307 | Comments:0 | Tags:Malware Threat Intelligence Banking Trojan Bitcoin Botnet Cy

Emotet Activity Rises as It Uses Coronavirus Scare to Infect Targets in Japan

IBM X-Force has identified a spam campaign targeting users in Japan that employs the Coronavirus scare as a lure to encourage people to open malicious emails. The messages contain Microsoft Office files loaded with macros that, when enabled, launch an infection routine that delivers the Emotet Trojan. In general, Emotet is very focused on infecting companies
Publish At:2020-02-09 10:30 | Read:359 | Comments:0 | Tags:Malware Threat Intelligence Banking Trojan Cybercrime Cyberc

7 types of virus – a short glossary of contemporary cyberbadness

by Paul Ducklin. OK, technically, this article is about malware in general, not about viruses in particular. Strictly speaking, virus refers to a type of malware that spreads by itself, so that once it’s in your system, you may end up with hundreds or even thousands of infected files… …on every computer in your network, and in the networks your
Publish At:2019-12-28 17:35 | Read:657 | Comments:0 | Tags:Malware Banking Trojan Data Stealer keylogger malware RAM sc

New version of IcedID Trojan uses steganographic payloads

This blog post was authored by @hasherezade, with contributions from @siri_urz and Jérôme Segura. Security firm Proofpoint recently published a report about a series of malspam campaigns they attribute to a threat actor called TA2101. Originally targeting German and Italian users with Cobalt Strike and Maze ransomware, the later wave of malicious emails w
Publish At:2019-12-03 16:50 | Read:866 | Comments:0 | Tags:Threat analysis backdoor banking Trojan banking Trojans cred

Active TrickBot Campaign Observed Abusing SendGrid and Google Docs

PhishLabs has observed an active TrickBot campaign targeting the employees of multiple organizations. TrickBot is a sophisticated successor of the Dyre Bank
Publish At:2019-11-26 16:15 | Read:587 | Comments:0 | Tags:Banking Trojan TrickBot

BankBot Anubis Switches to Chinese and Adds Telegram for C2

We've recently noticed two significant changes in C2 tactics used by the threat actors behind BankBot Anubis, a mobile banking trojan. First is the use of Chinese characters to encode the C2 strings (in addition to base64 encoding). The second is the use of Telegram Messenger in addition to
Publish At:2019-09-19 22:40 | Read:540 | Comments:0 | Tags:Threat Intelligence Banking Trojan BankBot Anubis

Ursnif Campaign Waves Breaking on Japanese Shores

According to IBM X-Force data on the activity of financial malware operated by organized cybercrime groups, the Ursnif (aka Gozi) banking Trojan was the most active malware code in the financial sector in 2016 and has maintained its dominance through 2017 to date. Ursnif’s activity is marked by both frequent code modifications and campaign activity in
Publish At:2017-10-26 19:35 | Read:4746 | Comments:0 | Tags:Banking & Financial Services Malware Threat Intelligence Ban

Diving Into Zberp’s Unconventional Process Injection Technique

IBM X-Force Research recently discovered a small-scale malware campaign involving a Neutrino bot, aka Kasidet, dropping a payload that contains two Zeus malware breeds: Atmos and Zberp. Both of these codes are based on the leaked source code of the Zeus V2 banking Trojan that was exposed publicly in 2011. The Zberp Trojan, which is a subvariant of ZeusVM mix
Publish At:2017-10-22 05:01 | Read:5640 | Comments:0 | Tags:Malware X-Force Research Banking Trojan Carberp Carberp sour
