man-in-the-browser Archives - Security Affairs

Pierluigi Paganini July 05, 2014

Massive Boleto fraud in Brazil caused 3,75 USD billion losses

RSA Security has discovered a large-scale malware campaign, which hijacked Boleto payments causing an amount of financial losses for 3,75 USD billion losses. Security experts at RSA Security have recently discovered a large-scale malware campaign that’s been operating at least for two years, the malicious code implements the man-in-the-browser technique to exploit vulnerabilities in popular browsers, including Chrome, Firefox […]

Pierluigi Paganini July 03, 2014

Geodo, the banking trojan with email self-spreading feature

Security researchers from Seculert firm have discovered a variant of the Cridex banking worm, dubbed Geodo, which spreads itself through email. In the last months a significant number of banking trojans have been proposed by cyber criminal ecosystem, from EMOTET to Dyreza, criminals have used a wide casuistry of techniques to deceive bank customers. The primary purpose of the […]

Pierluigi Paganini April 07, 2014

New Zeus trojan variant digitally signed in the wild

Security researchers at Comodo have detected a new Zeus trojan variant enhanced with digital signature of its source code to avoid detection. The security community is once again menaced by Zeus banking trojan, a new variant of the malicious ZeuS Trojan has been identified by researchers at Comodo AV labs. This instance presents an interesting feature, it is […]

Pierluigi Paganini March 27, 2014

Gameover ZeuS is Targeting recruitment websites

Security experts at F-Secure have detected a new variant of Gameover ZeuS financial Trojan which is targeting recruitment websites. Zeus Trojan is probably one of the most prolific and long-lived malware, security firms have discovered in the last years numerous variant even more sophisticated. After the public release of it source code, principal security firms have […]

Pierluigi Paganini February 21, 2014

Zeus variant hit Software-as-a-service applications

Discovered a Zeus variant that implements a web-crawling feature to hit Software-as-a-service applications to obtain access to proprietary data or code This is the second news on Zeus malware in less than a week, previous one was related to a new variant using steganography to hide configuration file, this last discovery is related to a version even more […]

Pierluigi Paganini February 18, 2014

Detected new Zeus variant which makes use of steganography

Security experts at Malwarebytes detected a new of the popular Zeus banking trojan variant which makes use of steganography to hide the configuration file. The immortal Zeus malware strikes again, researchers at Malwarebytes have found a new variant of the banking trojan. The new variant of Zeus is using the steganography to disguise the configuration code […]

Pierluigi Paganini February 04, 2014

Hackers use encryption to server a GameOver Zeus banking malware

Security experts at Malcovery firm have detected a new Zeus variant bypassing the security traditional defenses with the usage of encryption. Zeus malware is hard to die, the availability of its source code in the wild caused periodically the born of a new variant, even more resistant and sophisticated. Over the years, we saw variants […]

Pierluigi Paganini December 11, 2013

Detected 64-bit ZeuS banking trojan using Tor network

Security researchers at Kaspersky Lab have detected a 64-bit Zeus banking trojan version enhanced with communication capability on the Tor network. Is Zeus banking trojan dead? Absolutely no! Periodically security experts found new a variant that includes new features to make it more resilient and able to spread itself via social networks. Last variant was […]

Pierluigi Paganini September 05, 2013

Man In The Browser attacks scare banking world

The majority of financial service professionals considers Man In The Browser as the greatest threat to online banking, cybercrime increases its use. Man In The Browser attack, DDoS attacks, phishing are most insidious cyber threats against banking institutions. Last statistics proposed by principal security firms confirm that online banking is considered a lucrative business for […]

Pierluigi Paganini June 18, 2013

Zeus Trojan steals funds and recruits Money Mules

Security firm Trusteer detected a new variant of Zeus Trojan that steals funds and recruits Money Mules proposing jobs ads to the victims using Man-in-the-Browser (MitB) techniques. Zeus Trojan is becoming even more complex, its evolution is unpredictable due to the intense activity in the underground on its source code. Various forums in the underground offer customization […]