HackDig : Dig high-quality web security articles for hacker

TrickBot Habla Español: Trojan Widens Its Attack Scope in Spain, Brings Redirection Attacks to Local Banks

The TrickBot Trojan has been steadily ramping up its activity this year, going into a rather intensive period of updates and attacks that started in Q2 2017. From the looks of it, TrickBot’s operators have been investing heavily into widening the scope of their attacks and are preparing redirection attacks against banks in 19 different countries. After
Publish At:2017-07-19 08:05 | Read:2243 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

The NukeBot banking Trojan: from rough drafts to real threats

This spring, the author of the NukeBot banking Trojan published the source code of his creation. He most probably did so to restore his reputation on a number of hacker forums: earlier, he had been promoting his development so aggressively and behaving so erratically that he was eventually suspected of being a scammer. Now, three months after the source code
Publish At:2017-07-19 07:45 | Read:2162 | Comments:0 | Tags:Research Banking Trojan Financial malware

TrickBot gang is back with new campaigns targeting Payment Processors and CRM Providers

Threat actors behind the financial trojan TrickBot have been updating its campaigns targeting Payment Processors and CRM Providers. Threat actors behind Banking Trojan TrickBot switched from financial institutions to Payment processors and CRM providers. TrickBot was initially observed in September 2016 by the researchers at security firm Fidelis Cybersecuri
Publish At:2017-06-20 23:50 | Read:2379 | Comments:0 | Tags:Breaking News Cyber Crime Malware banking trojan botnet CRM

TrickBot Spreads to the Nordics, Launches Redirection Attacks in France

IBM X-Force Research detected a new wave of TrickBot attacks targeting banks in Nordic countries. The malware expanded its configurations to launch fraud attacks against banks in Sweden, Finland, Norway, Denmark and Iceland, among the other geographies it targets. Moreover, the malware, which has been testing redirection attacks on one bank in France, now ta
Publish At:2017-06-20 22:45 | Read:2647 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

Zeus Sphinx Pushes Empty Configuration Files — What Has the Sphinx Got Cooking?

Lately, IBM X-Force Research has seen the Zeus Sphinx Trojan go through a targetless phase, an exceedingly rare occurrence in the cybercrime arena. Recent Zeus Sphinx samples have fetched configuration files in which all the target URLs were removed. This means that while Sphinx infection campaigns continue and the malware can infect new machines, it remains
Publish At:2017-06-15 13:50 | Read:3248 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

Mouseover PowerPoint attack exploited to deliver the Gootkit Trojan

Experts at Trend Micro observed a spam campaign leveraging the PowerPoint ‘Mouseover’ attack to deliver the Gootkit banking Trojan. Earlier this week, the security expert Ruben Daniel Dodge published an interesting post on a new technique to deliver malware through PowerPoint files leveraging on mouseover events. Now experts at Trend Micro reveal
Publish At:2017-06-10 06:00 | Read:2423 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware banking trojan Goo

QakBot Banking Trojan Causes Massive Active Directory Lockouts

IBM X-Force Research recently observed a wave of malware-induced Active Directory (AD) lockouts across several incident response engagements. The lockouts caused hundreds to thousands of AD users to get locked out of their company’s domain in rapid succession, leaving employees of the impacted organizations unable to access their endpoints, company ser
Publish At:2017-06-03 00:15 | Read:4848 | Comments:0 | Tags:Advanced Threats Incident Response Threat Intelligence Banki

GootKit Malvertising Brings Redirection Attacks to Italian Banks

Earlier in May, I reported that GootKit had launched redirection attacks for the first time. The malware prepared for its new modus operandi in the U.K., targeting major banks there with this advanced browsing manipulation attack. I also predicted that this was just a test and that we’re about to see more. That prediction has come true. GootKit officia
Publish At:2017-05-24 00:45 | Read:2827 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

GootKit Launches Redirection Attacks in the UK

While going over some recent GootKit configurations, I came across an unfamiliar URL format that includes two URLs instead of one. It only takes a fraction of a second to understand: GootKit has launched redirection attacks — a more advanced way to manipulate online banking sessions than the typical webinjection attacks its operators had used up until now. M
Publish At:2017-05-14 01:10 | Read:2037 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

Neverquest Gang Takes Leave — Is It the End of the Quest?

I’ll bet no one is missing the Neverquest Trojan, and maybe that’s why many have not even realized one of the top cybergang-operated malware codes has taken a substantial plunge this year. The Neverquest Trojan, a consistent occupant of the top 10 most active banking Trojans in the world, has suffered a blow due to the arrest of one of its allege
Publish At:2017-05-05 01:55 | Read:4079 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

TrickBot is a rising threat, the banking Trojan now targets Private Banking

According to a new analysis conducted by the IBM’s X-Force security team, a new wave of attacks powered by the TrickBot banking Trojan have been targeting private banks in the UK, Australia, and Germany. The researchers observed new redirection attacks focused on new brands, including private banks, private wealth management firms, investment banking,
Publish At:2017-05-02 20:05 | Read:1712 | Comments:0 | Tags:Breaking News Cyber Crime Malware banking trojan botnet Cybe

TrickBot Is Hand-Picking Private Banks for Targets — With Redirection Attacks in Tow!

IBM X-Force research follows organized cybercrime and continually monitors the criminals’ targets and modus operandi. In a recent analysis of TrickBot campaigns in the U.K., Australia and Germany, I found that the operators of the infamous Trojan have been adding new redirection attacks focused on a list of brands that I had never seen in the past. Cur
Publish At:2017-04-27 19:35 | Read:2953 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

Nuclear Bot source code leaked online, a new threat will rapidly spread in the wild

The source code for a new banking Trojan dubbed Nuclear Bot was leaked online, experts speculate a rapid diffusion of the threat in the wild. The source code for a new banking Trojan, dubbed Nuclear Bot, is available for sale in the cyber criminal underground.The Nuclear Bot banking Trojan first appeared in the cybercrime forums in early December when it was
Publish At:2017-03-30 16:00 | Read:1575 | Comments:0 | Tags:Breaking News Cyber Crime Malware banking trojan Cybercrime

The NukeBot Trojan, a Bruised Ego and a Surprising Source Code Leak

An Uncommon Tale of a Failed Banking Trojan Vendor In early December 2016, IBM X-Force researchers noticed the emergence of a new banking malware advertised for sale in a few underground boards. The malware’s vendor, who went by the online moniker Gosya, was a Russian-speaking member who introduced himself as the developer of Nuclear Bot, or NukeBot, a
Publish At:2017-03-29 01:50 | Read:2466 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware X-Forc

Rogue Cellphone towers used to spread the Android Swearing Trojan

Chinese scammers are deploying rogue cellphone towers to spread the Android Swearing Trojan via malicious URL in SMS messages. Chinese scammers are deploying fake mobile base stations to spread the Android Swearing Trojan in text messages. The attackers have improved the well-known Smishing attack using rogue cell phone towers as the attack vector and distri
Publish At:2017-03-23 18:00 | Read:1747 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile Android banking tro

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud