Category Archives: banking malware

Grandoreiro Malware Now Targeting Banks in Spain

Posted on by

A familiar malware threat called Grandoreiro, a remote-overlay banking Trojan that typically affects bank customers in Brazil, has spread to attack banks in Spain.

The post Grandoreiro Malware Now Targeting Banks in Spain appeared first on Security Intelligence.

Continue reading Grandoreiro Malware Now Targeting Banks in Spain

Breaking the Ice: A Deep Dive Into the IcedID Banking Trojan’s New Major Version Release

Posted on by

Since 2017, the IcedID Trojan has received consistent updates that enable it to continue targeting banks and other businesses. Find out what changes were included in the latest major release.

The post Breaking the Ice: A Deep Dive Into the IcedID Banking Trojan’s New Major Version Release appeared first on Security Intelligence.

Continue reading Breaking the Ice: A Deep Dive Into the IcedID Banking Trojan’s New Major Version Release

Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy

Posted on by

The renewed Zeus Sphinx activity that IBM X-Force is seeing features a modified variant targeting online banking users in North America and Australia through the use of maldocs themed around COVID-19.

The post Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy appeared first on Security Intelligence.

Continue reading Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy

TrickBot Mobile App Bypasses 2‐Factor Authentication for Net Banking Services

Posted on by

The malware authors behind TrickBot banking Trojan have developed a new Android app that can intercept one-time authorization codes sent to Internet banking customers via SMS or relatively more secure push notifications, and complete fraudulent transac… Continue reading TrickBot Mobile App Bypasses 2‐Factor Authentication for Net Banking Services

TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany

Posted on by

Our team is closely monitoring TrickBot’s developing capabilities, including its new cross-channel attacks using the TrickMo component.

The post TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany appeared first on Security Intelligence.

Continue reading TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany

CamuBot Resurfaces With Cross-Channel, Targeted Attacks in Brazil

Posted on by

Recent CamuBot activity resurfaced exactly one year after IBM X-Force researchers made the initial discovery of this malware in September 2018.

The post CamuBot Resurfaces With Cross-Channel, Targeted Attacks in Brazil appeared first on Security Intelligence.

Continue reading CamuBot Resurfaces With Cross-Channel, Targeted Attacks in Brazil

New NetWire RAT Campaigns Use IMG Attachments to Deliver Malware Targeting Enterprise Users

Posted on by

IBM X-Force researchers have discovered a new campaign targeting organizations with fake business emails that deliver NetWire remote-access Trojan (RAT) variants.

The post New NetWire RAT Campaigns Use IMG Attachments to Deliver Malware Targeting Enterprise Users appeared first on Security Intelligence.

Continue reading New NetWire RAT Campaigns Use IMG Attachments to Deliver Malware Targeting Enterprise Users

GozNym cyberattackers sentenced in Pittsburgh and Tbilisi, Georgia

Posted on by

The U.S. Department of Justice has announced the sentencing of three members of the network behind the GozNym cyberattacks on U.S. entities resulting in the theft of $100 million. Krasimir Nikolov, 47, of Varna, Bulgaria, was sentenced on December 16, … Continue reading GozNym cyberattackers sentenced in Pittsburgh and Tbilisi, Georgia