Security experts at ESET detected a new variant of iBanking Trojan offered in the underground that exploits Facebook platform as vector of infection. iBanking is the name of a mobile banking Trojan app distributed through HTML injection attacks on banking sites. iBanking deceives victims impersonating itself as a  ‘Security App‘ for Android, we have spoken about it  early 2014 […]
iBanking is a new mobile banking Trojan available for sale in the underground for $5,000 according the RSA’s FraudAction Group. The source code for iBanking banking trojan has been leaked online through an underground forum, this kind of news reports a serious threat from the cybercrime ecosystem. Like happened for other trojan, including Zeus and Carberp, the […]
Security researchers at InterCrawler discovered a Banking trojan which infected a large number of devices the Middle East belonging to Islamic Banks. IntelCrawler cyber intelligence firm discovered a large fraud campaign against major Islamic banking institutions. The attackers have used a sizable mobile botnet, more than 27 000 intercepted SMS-messages were detected between April 2013 and […]
The last update for the Facebook Android app reads user’s text messages, is it an abuse of privilege or what else? Here you are the truth … maybe A recent update for Facebook Android raised a great concern for user’s privacy because it can read text messages on the smartphone. The climate of suspicion after the […]
The company has issued a security advisory to warn users that Yahoo Mail Service was hacked, hackers have stolen credentials of its email customers. Yahoo Mail! is considered one of the largest email service providers, millions of people use is every day, it’s clear that it represents an attractive target for cyber criminals. The […]
The hack of a social media account is a common incident that could have a serious impact of our digital identity. How to prevent it? What to do in case of hack? Social media, cloud computing and mobile are technologies that most of all attract cybercriminals due their high penetration, exploiting this channels attackers could […]
The Antivirus vendor Malwarebytes revealed that the Wroba banking trojan distributed via file sharing sites and alternative markets targeted Korean users. Today I presented at Cyber Threat Summit 2013 the topic “Modern online-banking cybercrime” and just a few hours after it is appeared the new Android banking Trojan targeting Korean banks. The number of malware […]
Researchers at last USENIX security symposium presented a new method and consolidated techniques for reversing Dropbox code to bypass Dropboxâs two factor authentication, hijack Dropbox accounts and intercept SSL data. Reversing Dropbox analysis allowed researchers to crack its open cloud storage service, reverse engineering the encryption protecting the client it is possible to open it up […]
Brute forcing applications spotted in the wild demonstrates the continual interest of cybercrime … What is the limitations of this attack technique? Cybercrime industry has a fervent creativity and  new products are daily offered in the underground. I desire to close this week with a look to the offer on the black market speaking of brute-forcing applications […]
Zouheir Abdallah revealed that a hacker already knows the victim’s credentials for Dropbox account that has 2FA authentication enabled, is able to hack it. Few hours ago I was informed that Q-CERT team found a critical vulnerability in DropBox that allows a hacker to bypass the two-factor authentication implemented by the popular file sharing service. […]