Lucene search
K

21 matches found

The Hacker News
The Hacker News
added 2023/05/05 11:49 a.m.3 views

Hackers Targeting Italian Corporate Banking Clients with New Web-Inject Toolkit DrIBAN

Italian corporate banking clients are the target of an ongoing financial fraud campaign that has been leveraging a new web-inject toolkit called drIBAN since at least 2019. "The main goal of drIBAN fraud operations is to infect Windows workstations inside corporate environments trying to alter...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/11 12:29 p.m.25 views

Cybercriminals Turn to Android Loaders on Dark Web to Evade Google Play Security

Malicious loader programs capable of trojanizing Android applications are being traded on the criminal underground for up to $20,000 as a way to evade Google Play Store defenses. "The most popular application categories to hide malware and unwanted software include cryptocurrency trackers,...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2022/12/06 12:38 p.m.41 views

Darknet's Largest Mobile Malware Marketplace Threatens Users Worldwide

Cybersecurity researchers have shed light on a darknet marketplace called InTheBox that's designed to specifically cater to mobile malware operators. The actor behind the criminal storefront, believed to be available since at least January 2020, has been offering over 400 custom web injects group...

0.2AI score
Exploits0
Krebs on Security
Krebs on Security
added 2022/11/16 5:32 p.m.20 views

Disneyland Malware Team: It’s a Puny World After All

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode, an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. The...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2022/02/24 1:28 p.m.29 views

TrickBot Gang Likely Shifting Operations to Switch to New Malware

TrickBot, the infamous Windows crimeware-as-a-service CaaS solution that's used by a variety of threat actors to deliver next-stage payloads like ransomware, appears to be undergoing a transition of sorts, with no new activity recorded since the start of the year. The lull in the malware campaign...

1.9AI score
Exploits0
The Hacker News
The Hacker News
added 2022/02/16 2:3 p.m.33 views

TrickBot Malware Targeted Customers of 60 High-Profile Companies Since 2020

The notorious TrickBot malware is targeting customers of 60 financial and technology companies, including cryptocurrency firms, primarily located in the U.S., even as its operators have updated the botnet with new anti-analysis features. "TrickBot is a sophisticated and versatile malware with mor...

0.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/07/01 5:23 a.m.63 views

Hacker Wanted in the U.S. for Spreading Gozi Virus Arrested in Colombia

Colombian authorities on Wednesday said they have arrested a Romanian hacker who is wanted in the U.S. for distributing a virus that infected more than a million computers from 2007 to 2012. Mihai Ionut Paunescu aka "Virus", the individual in question, was detained at the El Dorado airport in...

1.6AI score
Exploits0
ThreatPost
ThreatPost
added 2021/06/25 1:5 a.m.246 views

Spam Downpour Drips New IcedID Banking Trojan Variant

Researchers have seen a new variant of the IcedID banking trojan sliding in via two new spam campaigns. Written in English and carrying .ZIP files full of the malware – or links to such ZIP files – the new twist on the old banking trojan is a tweaked downloader, which the threat actors moved from...

7.7AI score
Exploits0References16
ThreatPost
ThreatPost
added 2020/03/30 6:19 p.m.74 views

Zeus Sphinx Banking Trojan Arises Amid COVID-19

The Zeus Sphinx banking trojan is back after being off the scene for nearly three years. According to researchers Amir Gandler and Limor Kessem at IBM X-Force, Sphinx a.k.a. Zloader or Terdot began resurfacing in December. However, the researchers observed a significant increase in volume in Marc...

7.2AI score
Exploits0References13
ThreatPost
ThreatPost
added 2018/07/12 3:49 p.m.12 views

ThreatList: 6-Year-Old Dorkbot Banking Malware Resurfaces as Big Threat

The banking malware called Dorkbot is back. Samples of the 6-year-old malware are now ranked the second biggest banking malware headache in 2018 so far, according to new data from Check Point. “Dorkbot, known malware that dates back to 2012, has entered back the top ranks, starring in the APAC as...

1.4AI score
Exploits0References3
ThreatPost
ThreatPost
added 2018/05/11 5:29 p.m.16 views

Panda Banking Trojan Diversifies into Cryptocurrency, Porn, Other Targets

The Panda banking trojan, a spin-off from the infamous Zeus malware, is widening its net to attack more than just financial services targets, as seen in three ongoing campaigns discovered in May. The Windows-focused Panda is far from the cuddly thing its name would suggest. It has a full arsenal ...

0.8AI score
Exploits0References6
ThreatPost
ThreatPost
added 2017/08/29 2:54 p.m.15 views

Revamped Nukebot Malware Changes Targets, Adds Functions

A revamped version of the Nukebot banking trojan dubbed Jimmy Nukebot has shifted focus from stealing bankcard data and now acts as a conduit for quietly downloading malicious payloads for web-injects, cryptocurrency mining, and taking screenshots of targeted systems. The code is a modification o...

7.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2016/04/12 1:20 p.m.17 views

ZeuS Banking Trojan Resurfaces As Atmos Variant

Old nemeses die hard, especially when you’re banking malware named ZeuS. According to Denmark-based Heimdal Security, the potent 9-year-old malware ZeuS has morphed into the up-and-coming Atmos malware – now targeting banks in France. Researchers are warning that the criminals behind Atmos have...

1.6AI score
Exploits0References1
ThreatPost
ThreatPost
added 2015/04/03 10:12 a.m.46 views

IBM Outs Dyre Wolf Campaign Steals $1 Million

The Dyre banking Trojan‘s ascension to the top of the financial malware food chain took a massive leap forward in the first three months of 2015. Already spreading a damaging piece of malware that targets corporate bank accounts, the Eastern European keepers of Dyre recently upped their social...

9.3CVSS0.6AI score0.81628EPSS
Exploits22References5
ThreatPost
ThreatPost
added 2014/09/04 10:52 a.m.9 views

Neverquest Trojan Adds New Targets, Capabilities

Researchers have found some recent modifications to the Neverquest banking Trojan that indicate the malware is no longer just targeting online banking sites, but also is going after social media, retailers and some game portals. The new changes also give the Trojan the ability to insert extra...

2.3AI score
Exploits0References3
ThreatPost
ThreatPost
added 2014/07/15 11:30 a.m.11 views

New Kronos Banking Malware Advertised On Russian Forums

Criminals are advertising a new banking Trojan on Russian forums, one going for a hefty price and being marketed as a method of evading detection and analysis. To date, however, security researchers have yet to obtain a sample of Kronos, which is available on a few forums for pre-order at a cost ...

0.4AI score
Exploits0References2
ThreatPost
ThreatPost
added 2014/06/10 9:52 a.m.17 views

New Pandemiya Banking Trojan Written From Scratch

Brand new, written-from-scratch malware is a relatively rare undertaking on the underground. Aside from some private endeavors, source code is available for a number of popular Trojans, including Zeus, Citadel and Carberp, making it easy for attackers to simply grab one off the shelf and get...

0.1AI score
Exploits0References5
The Hacker News
The Hacker News
added 2014/02/26 8:13 p.m.22 views

Tilon/SpyEye2 Banking Trojan Usage Declining after SpyEye Author Arrest

Today, when we come across various malware, exploit kits and botnets that are in the wild, we think about an effective Antivirus solution or a Security Patch, but the most effective solution is always "The arrest of malware authors and culprits who are involved in the development of Malware." Til...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2013/12/11 9:13 a.m.13 views

64-Bit Zeus Banking Trojan Communicates Over Tor Network

The infamous Zeus banking Trojan has gone 64-bit. But why? Researchers at Kaspersky Lab’s Global Research and Analysis Team spotted a new version of the malware that behaves much like its 32-bit contemporaries: it too uses Web injects to steal banking credentials to drain online accounts, steal...

0.6AI score
Exploits0References5
ThreatPost
ThreatPost
added 2011/08/23 3:48 p.m.9 views

Ramnit Worm Evolves Into Financial Malware

The Ramnit worm, known by researchers for its use of somewhat old-school malicious techniques, has now changed some of its tactics and morphed into financial malware, researchers say. As of now, researchers at Trusteer say they have no way of determining whether Ramnit has actually changed, or if...

1.6AI score
Exploits0References5
Rows per page
Query Builder