35 matches found
RatOn Android Malware Detected With NFC Relay and ATS Banking Fraud Capabilities
A new Android malware called RatOn has evolved from a basic tool capable of conducting Near Field Communication NFC relay attacks to a sophisticated remote access trojan with Automated Transfer System ATS capabilities to conduct device fraud. "RatOn merges traditional overlay attacks with automat...
⚡ Weekly Recap: NFC Fraud, Curly COMrades, N-able Exploits, Docker Backdoors & More
Power doesn't just disappear in one big breach. It slips away in the small stuff—a patch that's missed, a setting that's wrong, a system no one is watching. Security usually doesn't fail all at once; it breaks slowly, then suddenly. Staying safe isn't about knowing everything—it's about acting fa...
India's RBI Introduces Exclusive "bank.in" Domain to Combat Digital Banking Fraud
India's central bank, the Reserve Bank of India RBI, said it's introducing an exclusive "bank.in" internet domain for banks in the country to combat digital financial fraud. "This initiative aims to reduce cyber security threats and malicious activities like phishing; and, streamline secure...
New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls
Cybersecurity researchers have discovered a new version of a well-known Android malware family dubbed FakeCall that employs voice phishing aka vishing techniques to trick users into parting with their personal information. "FakeCall is an extremely sophisticated Vishing attack that leverages...
TrickMo Android Trojan Exploits Accessibility Services for On-Device Banking Fraud
Cybersecurity researchers have uncovered a new variant of an Android banking trojan called TrickMo that comes packed with new capabilities to evade analysis and display fake login screens to capture victims' banking credentials. "The mechanisms include using malformed ZIP files in combination wit...
Helping a banking fraud victim
A few months ago an elderly friend of a friend asked for some help. They had been scammed and had £10K stolen. Was there anything I could do to help? This wasn’t going to be a pleasant task: recovering monies stolen as a result of banking fraud is all but impossible. I was going to have to explai...
IcedID Malware Shifts Focus from Banking Fraud to Ransomware Delivery
Multiple threat actors have been observed using two new variants of the IcedID malware in the wild with more limited functionality that removes functionality related to online banking fraud. IcedID, also known as BokBot, started off as a banking trojan in 2017. It's also capable of delivering...
This Android File Manager App Infected Thousands of Devices with SharkBot Malware
The Android banking fraud malware known as SharkBot has reared its head once again on the official Google Play Store, posing as file managers to bypass the app marketplace's restrictions. A majority of the users who downloaded the rogue apps are located in the U.K. and Italy, Romanian cybersecuri...
$600 a week to wrap your car? It’s a scam
A friend of mine recently received a text message which they described as "intriguing, but nonsensical". They were convinced it was some sort of scam, but they werent sure what the scammers were up to. Would it turn out to be some sort of phishing attempt? A telephone scam? Banking fraud? That on...
TrickBot Malware Using New Techniques to Evade Web Injection Attacks
The cybercrime operators behind the notorious TrickBot malware have once again upped the ante by fine-tuning its techniques by adding multiple layers of defense to slip past antimalware products. "As part of that escalation, malware injections have been fitted with added protection to keep...
Fake Chrome App Anchors Rapidly Worming ‘Smish’ Cyberattack
A new Android malware that impersonates the Google Chrome app has spread to hundreds of thousands of people in the last few weeks, according to researchers. The fake app is being used as part of a sophisticated hybrid cyberattack campaign that also uses mobile phishing to steal credentials. Join...
Hackers Behind GozNym Malware Sentenced for Stealing $100 Million
Three members of an international organized cybercrime group that was behind a multi-million dollar theft primarily against U.S. businesses and financial institutions have been sentenced to prison, the U.S. Justice Department announced. The criminals used the GozNym banking Trojan to break into...
Threatpost News Wrap, August 18, 2017
Mike Mimoso and Tom Spring discuss this week’s security news, including recent abuse of Google Chrome extensions for fraud, a close look at Adobe’s decision to end of life Flash Player, and a backdoor discovered in NetSarang server management software’s update mechanism. Download: Threatpost News...
Google Removes Chrome Extension Used in Banking Fraud
Google has removed from the Chrome Web Store a malicious browser extension used by criminals in Brazil to target corporate users with the aim of stealing banking credentials. The twist is that the attackers did their homework on their targets, learning via social networks whom inside an...
Phony Google Update Spreads Android Malware
Android users are being warned of a phony Google update that is pushing malware onto devices. The attackers behind this scheme are domain squatting URLs that are similar to ones used by Google for legitimate updates, hoping to snare less-than-vigilant users. Researchers at Zscaler said yesterday ...
New Android Malware 'HijackRAT' Attacks Mobile Banking Users
Cybercriminals have rolled out a new malicious Android application that wraps different varieties of banking fraud trick into a single piece of advanced mobile malware. GOOGLE SERVICE FRAMEWORK - APPLICATION OR MALWARE? Security researchers at the security firm FireEye have came across a maliciou...
Threat Outbreak Alert: Email Messages with Malicious Attachment on March 6, 2014
Medium Alert ID: 33230 First Published: 2014 March 6 19:57 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that contain a malicious attachment relating to banking fraud for the recipient. The email message attempts to convince the recipient t...
SpyEye creator pleads guilty in U.S Federal Court
Aleksandr Andreevich Panin, one of the alleged masterminds behind the notorious SpyEye banking trojan, pleaded guilty in an Atlanta courtroom yesterday to conspiracy charges relating to the development and distribution of the the malware. Panin pleaded guilty to conspiring to commit wire and bank...
FBI Warns of New Twist to Reveton, Citadel Malware Scams
The cybercrime group behind the Citadel malware and Reveton ransomware has upped the stakes with a new extortion technique, the FBI’s Internet Crime Complaint Center said today. Reveton scams have now co-opted the Internet Crime Complaint Center with a new fake warning to users whose computers ha...
Rash Identity Theft Sweeps Small Kentucky Town
Dozens of individuals from Winchester, a small Kentucky town east of Lexington have been targeted by hackers, according to a report earlier this week in the Lexington Herald-Leader. The newspaper claims between 50 and 100 diners at Puerta Grande, a small Mexican restaurant, were hit with bank fra...