The DanaBot banking Trojan continues to evolve and spread across the continents, now moving from Australia to European countries. DanaBot is a multi-stage modular banking Trojan written in Delphi that first appeared on the threat landscape in 2018. The malware implements a modular structure that allows operators to add new functionalities by adding new plug-ins. The […]
Security researchers at eSentire tracked a new campaign spreading a variant of the Dridex banking Trojan that shows polymorphism. Security experts at eSentire observed a new campaign spreading a variant of the Dridex banking Trojan that implements polymorphism. The Dridex banking Trojan that has been around since 2014, it was involved in numerous campaigns against financial institutions over the […]
Security experts at Proofpoint warn of the resurfacing of the Retefe banking Trojan that implements new techniques to avoid detection. The Retefe banking Trojan resurfaces in that threat landscape and implements new techniques to avoid detection. The new variant resurfaced in April, it uses the stunnel encrypted tunneling mechanism and abuses a legitimate shareware app. […]
Researchers from Proofpoint have discovered a new variant of the infamous Kronos banking Trojan that was involved in several attacks in the recent months. The infamous Kronos banking Trojan is back, and according to the experts from Proofpoint it was involved in several attacks in the last months. The malware was first spotted in 2014 by researchers at […]
The source code of the Exobot Android banking trojan has been leaked online, researchers already verified its authenticity. The source code of the Exobot Android banking trojan has been leaked online and experts believe that we will soon assist at a new wave of attacks based on the malware. The Exobot Android banking trojan was first spotted at the end […]
A new variant of the infamous Ursnif malware spread in the wild and adopts a new advanced evasion technique dubbed Double Process Hollowing. Whereas the malware LockPos, famous for its new incredibly advanced and sophisticated evasion technique, spread and affected many Points of Sale, another variant spread in the wild and adopts a similar but […]
It has happened again, several banking Trojan samples have been found on Google Play, this time the malicious code targeted a number of Polish banks. The malware was disguised as seemingly legitimate apps âCrypto Monitorâ, a cryptocurrency price tracking app, and âStorySaverâ, a third-party tool for downloading stories from Instagram. The malicious code is able to display […]
Cisco researchers discovered a malware campaign abusing a legitimate VMware binary to spread a banking Trojan. The threat actor behind the campaign uses multiple methods of re-direction when infecting the victimsâ machines in order to remain under the radar, it also implemented a variety of anti-analysis techniques. The malware is written in Delphi, a novelty for […]
Cyber criminals behind the Retefe banking Trojan have improved it by adding a new component that uses the NSA exploit EternalBlue. ETERNALBLUE is the alleged NSA exploit that made the headlines with DOUBLEPULSAR in the WannaCry attack and NotPetya massive attacks. ETERNALBLUE targets the SMBv1 protocol and it has become widely adopted in the community of malware developers. Investigations on WannaCry, for […]
Researchers discovered a new Android banking Trojan, dubbed Red Alert 2.0, that is being offered for rent on many dark websites for $500 per month. Researchers with security firm SfyLabs have discovered a new Android banking Trojan, dubbed Red Alert 2.0, that is being offered for rent on many dark websites for $500 per month. “The last […]