Attackers are using a Brazilian hacking tool against Spanish banks

An easy-to-use hacking tool has made its way from Brazil’s criminal underworld to Spain, where it’s being used to try to steal from the customers of major banks, researchers said this week. The attackers have targeted customers of at least 10 large Spanish banks as part of an ongoing campaign, said Limor Kessem, IBM Security’s executive security advisor. “We have seen this sort of migration in the past, and this one is likely tied to local criminals [in Spain] using malware from counterparts in Brazil.” The malware, known as Grandoreiro, uses a remote-access feature which overlays images on a victim’s web browser, tricking them into keeping a banking session alive. That gives a hacker the opportunity to steal money from the victim’s account or swipe other account information, Kessem and her colleague, Dani Abramov, said in a blog post. It remains unclear how many Spanish banking customers were targeted. The Spanish Banking […]

The post Attackers are using a Brazilian hacking tool against Spanish banks appeared first on CyberScoop.


Grandoreiro Malware Now Targeting Banks in Spain

A familiar malware threat called Grandoreiro, a remote-overlay banking Trojan that typically affects bank customers in Brazil, has spread to attack banks in Spain.

The post Grandoreiro Malware Now Targeting Banks in Spain appeared first on Security Intelligence.


ITG08 (aka FIN6) Partners With TrickBot Gang, Uses Anchor Framework

Financially motivated, adaptable, sophisticated and persistent, the ITG08 threat group is likely to remain one of the most potent cybercriminal groups in this new decade.

The post ITG08 (aka FIN6) Partners With TrickBot Gang, Uses Anchor Framework appeared first on Security Intelligence.


Breaking the Ice: A Deep Dive Into the IcedID Banking Trojan’s New Major Version Release

Since 2017, the IcedID Trojan has received consistent updates that enable it to continue targeting banks and other businesses. Find out what changes were included in the latest major release.

The post Breaking the Ice: A Deep Dive Into the IcedID Banking Trojan’s New Major Version Release appeared first on Security Intelligence.


Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy

The renewed Zeus Sphinx activity that IBM X-Force is seeing features a modified variant targeting online banking users in North America and Australia through the use of maldocs themed around COVID-19.

The post Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy appeared first on Security Intelligence.


TrickBot Mobile App Bypasses 2‐Factor Authentication for Net Banking Services

The malware authors behind TrickBot banking Trojan have developed a new Android app that can intercept one-time authorization codes sent to Internet banking customers via SMS or relatively more secure push notifications, and complete fraudulent transac…

TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany

Our team is closely monitoring TrickBot’s developing capabilities, including its new cross-channel attacks using the TrickMo component.

The post TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany appeared first on Security Intelligence.


New TrickBot tool targets telecommunications in U.S., Hong Kong

The criminals behind the TrickBot banking trojan have retooled it for targeting telecommunications organizations in the U.S. and Hong Kong, according to new research from BitDefender. The new module, a malicious .dll file “rdpScanDll”, allows attackers to run brute-forcing operations against Remote Desktop Protocols (RDPs). It’s just the latest update to TrickBot, which by design is built to be enhanced over time. The developers behind the banking trojan have not rested since it first sprouted up in 2016, and just earlier this year started using a new backdoor, according to SentinelOne research. BitDefender first saw a version of the module being developed in August of last year, Liviu Arsene, a global cybersecurity researcher at BitDefender, told CyberScoop. The multiple configurations TrickBot can take on will likely continue to be attractive for criminals’ and nation-states’ interests as they perpetually try to retool and maintain anonymity, according to Arsene. “That’s the beauty of everything you […]

The post New TrickBot tool targets telecommunications in U.S., Hong Kong appeared first on CyberScoop.
