Largest Dark Web Webinjects Marketplace “In The Box” Discovered

By Deeba Ahmed A new dark web marketplace called InTheBox has surfaced online, serving smartphone malware developers and operators. This is a post from HackRead.com Read the original post: Largest Dark Web Webinjects Marketplace “In The Box” Discovered...

Largest Dark Web Webinjects Marketplace “In The Box” Discovered

By Deeba Ahmed A new dark web marketplace called InTheBox has surfaced online, serving smartphone malware developers and operators. This is a post from HackRead.com Read the original post: Largest Dark Web Webinjects Marketplace “In The Box” Discovered...

TrickBot Botnet Found Deploying A New Ransomware Called Diavol

Threat actors behind the infamous TrickBot malware have been linked to a new ransomware strain named "Diavol," according to the latest research. Diavol and Conti ransomware payloads were deployed on different systems in a case of an unsuccessful attack targeting one of its customers earlier this...

sLoad Banking Trojan Downloader Displays Sophisticated Recon and Targeting

A new PowerShell downloader dubbed sLoad is making the rounds, sporting impressive reconnaissance tactics and a penchant for geofencing, which indicate increasing sophistication when it comes to targeting efforts. First spotted in May 2018, sLoad typically delivers the Ramnit banking trojan but h...

EternalBlue Exploit Used in Retefe Banking Trojan Campaign

Criminals behind the Retefe banking Trojan have added a new component to their malware that uses the NSA exploit EternalBlue. The update makes Retefe the latest malware family to adopt the SMBv1 attack against a patched Windows vulnerability, and could signal an emerging trend, said researchers a...

Spam Domains Imitating Popular Banks Spreading Trickbot Banking Trojan

Santander Bank customers should be aware of an effective spam campaign spreading the Trickbot banking Trojan that is coming from domains similar to those used by the financial institution. Researchers at My Online Security and the SANS Institute’s Internet Storm Center say that Santander is not t...

NukeBot Banking Trojan Source Code Leaked Online by Author

The author behind NukeBot, a modular banking Trojan, released source code for the malware earlier this month in an apparent effort to regain the trust of the cybercrime community. Gosya, NukeBot’s creator, posted a GitHub link to the malware, calling it a “zeus-like banking trojan,” on several...

CoreBot Adds New Capabilities, Transitions to Banking Trojan

As researchers expected it would, CoreBot, the credential-stealing malware that surfaced last month, has added a bevy of new capabilities and reinvented itself as a robust banking Trojan. Researchers said the malware shares more similarities with Dyre, another high profile banking Trojan, than a...

Versatility of Zeus Framework Encourages Criminal Innovation

A new report on the Zeus trojan’s evolution shows that the malware was moved from harvesting online banking credentials to controlling botnets and launching distributed denial of service attacks attributes the evolution to the highly customized and incredibly versatile framework Zeus is today...

Zeus Peer to Peer Trojan Hits Banks in 10 New Countries

The Zeus financial malware may be old, but it’s hardly slowing down. The peer-to-peer version of the prolific Trojan was especially busy in the first quarter with infections reported by banks in 10 countries that previously had eluded Zeus’ reach. CSIS Security of Denmark said the gang behind Zeu...

Shylock/Caphaw Banking Malware Infections on the Rise

Two dozen major U.S. and European banks are in the crosshairs of the Shylock, or Caphaw, financial malware of late, and victims who trade with one of the 24 financial institutions are at risk of giving up their credentials and losing assets in their accounts. Malware researchers have noticed a ri...