Category Archives: banking Trojan

TrickBot Mobile App Bypasses 2‐Factor Authentication for Net Banking Services

The malware authors behind TrickBot banking Trojan have developed a new Android app that can intercept one-time authorization codes sent to Internet banking customers via SMS or relatively more secure push notifications, and complete fraudulent transactions. The Android app, called "TrickMo" by IBM X-Force researchers, is under active development and has exclusively targeted German users

TrickBot Now Exploits Infected PCs to Launch RDP Brute Force Attacks

A new module for TrickBot banking Trojan has recently been discovered in the wild that lets attackers leverage compromised systems to launch brute-force attacks against selected Windows systems running a Remote Desktop Protocol (RDP) connection exposed to the Internet. The module, dubbed "rdpScanDll," was discovered on January 30 and is said to be still in development, said cybersecurity firm

FBI Puts $5 Million Bounty On Russian Hackers Behind Dridex Banking Malware

The United States Department of Justice today disclosed the identities of two Russian hackers and charged them for developing and distributing the Dridex banking Trojan using which the duo stole more than $100 million over a period of 10 years. Maksim Yakubets, the leader of 'Evil Corp' hacking group, and his co-conspirator Igor Turashev primarily distributed Dridex — also known as 'Bugat'

Russian Hacker Behind NeverQuest Banking Malware Gets 4 Years in U.S. Prison

A Russian hacker who created and used Neverquest banking malware to steal money from victims' bank accounts has finally been sentenced to 4 years in prison by the United States District Court for the Southern District of New York. Stanislav Vitaliyevich Lisov, 34, was arrested by Spanish authorities at Barcelona–El Prat Airport in January 2017 on the request of the FBI and extradited to the

New Group of Hackers Targeting Businesses with Financially Motivated Cyber Attacks

Security researchers have tracked down activities of a new group of financially-motivated hackers that are targeting several businesses and organizations in Germany, Italy, and the United States in an attempt to infect them with backdoor, banking Trojan, or ransomware malware. Though the new malware campaigns are not customized for each organization, the threat actors appear to be more

Cerberus: A New Android ‘Banking Malware For Rent’ Emerges

After a few popular Android Trojans like Anubis, Red Alert 2.0, GM bot, and Exobot, quit their malware-as-a-service businesses, a new player has emerged on the Internet with similar capabilities to fill the gap, offering Android bot rental service to the masses. Dubbed "Cerberus," the new remote access Trojan allows remote attackers to take total control over the infected Android devices and

‘GozNym’ Banking Malware Gang Dismantled by International Law Enforcement

In a joint effort by several law enforcement agencies from 6 different countries, officials have dismantled a major global organized cybercrime network behind GozNym banking malware. GozNym banking malware is responsible for stealing nearly $100 million from over 41,000 victims across the globe, primarily in the United States and Europe, for years. GozNym was created by

Source Code for CARBANAK Banking Malware Found On VirusTotal

Security researchers have discovered the full source code of the Carbanak malware—yes, this time it's for real. Carbanak—sometimes referred to as FIN7, Anunak or Cobalt—is one of the most full-featured, dangerous malware that belongs to an APT-style cybercriminal group involved in several attacks against banks, financial institutions, hospitals, and restaurants. In July last year, there was a

Popular Video Editing Software Website Hacked to Spread Banking Trojan

If you have downloaded the VSDC multimedia editing software between late February and late March this year, there are high chances that your computer has been infected with a banking trojan and an information stealer. The official website of the VSDC software — one of the most popular, free video editing and converting apps with over 1.3 million monthly visitors — was hacked, unfortunately once

Cybercriminals Hijack Router DNS to Distribute Android Banking Trojan

Security researchers have been warning about an ongoing malware campaign hijacking Internet routers to distribute Android banking malware that steals users' sensitive information, login credentials and the secret code for two-factor authentication. In order to trick victims into installing the Android malware, dubbed Roaming Mantis, hackers have been hijacking DNS settings on vulnerable and