Lucene search
K

9 matches found

ThreatPost
ThreatPost
added 2017/01/11 12:48 p.m.15 views

Spammers Revive Hancitor Downloader Campaigns

A recent lull in the distribution of spam spreading information-stealing malware via the Hancitor downloader has been snapped. Researchers at the SANS Internet Storm Center are currently tracking an increase in spam purporting to be a forwarded parking ticket notification. The message prompts the...

0.4AI score
Exploits0References7
ThreatPost
ThreatPost
added 2016/11/08 5:16 p.m.10 views

TrickBot Banking Trojan Adds New Browser Manipulation Tools

The TrickBot banking Trojan, a close relative to Dyre, has a growing target list and new browser manipulation techniques, experts at IBM X-Force said. “We expect to see it amplify infection campaigns and fraud attacks, sharpen its aim on business and corporate accounts,” wrote Limor Kessem,...

0.1AI score
Exploits0References5
ThreatPost
ThreatPost
added 2016/09/15 3:52 p.m.29 views

Neverquest Trojan Gets Big Summer Update

The once prolific banking Trojan Neverquest received a major code revamp over the summer and is now armed with modifications that can more adeptly hijack a victim’s PC, inject code into webpages and steal credentials. The update represents a significant enough change to the malware that researche...

0.7AI score
Exploits0References4
ThreatPost
ThreatPost
added 2016/08/22 2:27 p.m.27 views

Hancitor Malware Shifts Infection Strategies

Researchers said a new variant of the Hancitor downloader has shifted tactics and adopted new dropper strategies and obfuscation techniques on infected PCs. Researchers at Palo Alto Networks are currently tracking the biggest push of the Hancitor family of malware since June that it says has...

7.5AI score
Exploits0References1
ThreatPost
ThreatPost
added 2016/08/16 10:24 a.m.9 views

Vawtrak Trojan Adds DGA, SSL Pinning

Attackers behind the Vawtrak banking Trojan have been keeping busy, updating the malware over the last few weeks with new a domain generation algorithm DGA and SSL pinning capabilities. Research published by security firm Fidelis on Tuesday explains the updates and breaks down how Vawtrak’s DGA...

0.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2015/11/13 9:30 a.m.11 views

Two New Strains of POS Malware, Cherry Picker, Abaddon, Surface

Point of sale malware has gotten more sophisticated as we inch closer to the two-year anniversary of the Target data breach. Now, two weeks from the biggest shopping day of the year, two new and different strains of point of sale malware have come to light, including one that’s gone largely...

7.2AI score
Exploits0References1
ThreatPost
ThreatPost
added 2015/06/09 12:27 p.m.9 views

Banking Malware Vawtrak Seen Using Tor2Web

Developers behind the banking Trojan Vawtrak have begun obscuring some of their servers with Tor2Web, a move that’s added another degree of difficulty when it comes to uncovering their activity. To this point the malware’s techniques – its evolution beyond banking websites, ability to break...

1.1AI score
Exploits0References4
The Hacker News
The Hacker News
added 2015/03/25 1:11 a.m.15 views

Dangerous 'Vawtrak Banking Trojan' Harvesting Passwords Worldwide

Security researcher has discovered some new features in the most dangerous Vawtrak, aka Neverquest, malware that allow it to send and receive data through encrypted favicons distributed over the secured Tor network. The researcher, Jakub Kroustek from AVG anti-virus firm, has provided an in-depth...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2015/01/20 8:33 p.m.7 views

Like a Nesting Doll, Vawtrak Malware Has Many Layers

Researchers have peeled back more layers on Vawtrak, a relatively new banking Trojan so complex that those who have taken it apart have likened it to a Matryoshka, or Russian nesting doll. Virus Bulletin published a deep dive on the malware penned by Raul Alvarez, a researcher with Fortinet,...

0.2AI score
Exploits0References3
Rows per page
Query Builder