A new banking trojan for Android devices relies on the accelerometer sensor to delay its execution on the system and thus evade analysis by security researchers.
A new version of the TrickBot banking Trojan continues its evolution of targeting security software in order to prevent its detection and removal. In this new version, TrickBot has set its sights on Windows Defender, which for many people is the only antivirus installed on a Windows 10 machine.
The Trickbot trojan continues to evolve as its operators have started to deploy a custom proxy module to their victims. The new component is derived from BokBot's code for web injection attacks and works with popular web browsers.
Researchers from Cofense have discovered a new malspam campaign that delivers fake eFax messages designed to drop a banking Trojan and RAT cocktail via malicious Microsoft Word document attachments.
The BianLian banking Trojan has been upgraded with two new modules designed to record the screens of infected Android devices and to create an SSH server for camouflaging its communication channels.
The Trickbot trojan now comes with a separate module for stealing browser cookies, threat researchers found on Tuesday, marking new progress in the malware's development.
A new malicious campaign is distributing an upgraded variant of DanaBot that comes with a new ransomware module used to target potential victims from Italy and Poland via phishing emails which deliver malware droppers.
The multifunctional Emotet botnet malware was the most prevalent email-based threat in the first three months of the year, showing it is among the top choices for cybercriminals.
Ten members of the GozNym cybercriminal group which used the Avalanche malware distribution network to launch malware attacks against businesses and financial institutions were indicted today for computer fraud conspiracy, wire and bank fraud conspiracy, and money laundering.
Threat actors ran a malvertising campaign on the Russian Yandex.Direct advertising network starting October 2018 to disseminate a malware cocktail designed to encrypt victims' data and steal cryptocurrency.
A new Emotet Trojan variant has been observed in the wild with the added capabilities of using compromised connected devices as proxy command-and-control servers and of employing random URI directory paths to evade network-based detection rules.
A phishing campaign dropping the Qbot banking Trojan with the help of delivery emails camouflaged as parts of previous conversations was spotted during late March 2019 by the JASK Special Operations team.
For the past two years, the source code for the Carbanak banking malware has been sitting on the VirusTotal scanning platform, available to any researcher who recognized it.
The website of the free multimedia editor VSDC was breached again by hackers, this time with the download links being used to distribute a banking trojan and an info stealer.
An Android application which steals PayPal credentials, encrypts files from the device's external storage, and locks the screen using a black screen was spotted in the Google Play Store by ESET malware researcher Lukas Stefanko.
A previously unreported advanced banking trojan named Gustuff can steal funds from accounts at over 100 banks across the world and rob users of 32 cryptocurrency Android apps.
The number of Android users attacked by banking malware saw an alarming 300% increase in 2018, with 1.8 million of them being impacted by at least one such attack during the last year.
Mobile users have been targeted by almost twice as many attacks using malicious software during 2018, going up from 66.4 million events detected during 2017 to 116.5 million by the end of last year, according to a report by Kaspersky Lab.
The infamous Trickbot banking Trojan's password stealer module has been recently upgraded to grab credentials used to authenticate to remote servers using VNC, PuTTY, and Remote Desktop Protocol (RDP).
A new malware campaign distributing the Ursnif banking Trojan, which uses PowerShell to achieve fileless persistence and hide from anti-malware solutions, was detected by Cisco's Advanced Malware Protection Exploit Prevention engine.