Ginp Malware Operations are on the Rise, Aiming to Expand in Turkey

The Ginp mobile banking malware, which emerged in late 2019, is one of the most prevalent Android banking malware families today. It started as a simple short message service (SMS) stealer and rapidly evolved into one of the most advanced actors in the financial fraud landscape. Ginp has primarily targeted Spanish banks, but recent evidence […]

The post Ginp Malware Operations are on the Rise, Aiming to Expand in Turkey appeared first on Security Intelligence.


TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany

Our team is closely monitoring TrickBot’s developing capabilities, including its new cross-channel attacks using the TrickMo component.


Taking Over the Overlay: Reconstructing a Brazilian Remote Access Trojan (RAT)

IBM X-Force researchers detected, reverse engineered, reconstructed and simulated a Delphi-based Brazilian remote access Trojan.


Taking Over the Overlay: What Triggers the AVLay Remote Access Trojan (RAT)?

IBM X-Force researchers discovered, reverse engineered and reconstructed AVLay, a remote access Trojan that mixes DLL hijacking with a legitimate executable borrowed from various antivirus programs.


Diving Into Zberp’s Unconventional Process Injection Technique

IBM X-Force Research discovered a new variant of Zberp that evades API threat detection tools using a code injection technique it borrowed from Carberp.
