26 Jan 2022

Threat Actors Blanket Androids with Flubot, Teabot Campaigns

Attackers have been using a technique called smishing and injecting a malicious Google Play QR reader to infect victims’ phones with malicious banking trojans. Researchers have detailed a variety of active campaigns delivering the Flubot and Teabot trojans via various different methods. In one case, malicious SMS messages containing a

Read More
16 Nov 2021

New banking Trojan SharkBot makes waves across Europe, US

Cybersecurity researchers at Cleafy discovered a new Andriod banking Trojan that has the ability to circumvent multi-factor authentication controls via the abuse of the Automatic Transfer System (ATS). The trojan was discovered in October and does not appear to belong to any known malware family. Researchers have named the malware

Read More
13 Apr 2021

Microsoft Warns of Malware Delivery via Google URLs

Microsoft has warned of a new campaign utilizing legitimate website contact forms to target victims with URLs that ultimately deliver a banking Trojan. The attack campaign is delivering the IcedID banking Trojan to businesses via emails containing fake legal threats, creating a sense of urgency and luring victims into clicking

Read More
28 Sep 2020

Alien Android Banking Trojan Sidesteps 2FA

A new variant of the infamous Cerberus banking Trojan named Alien has been ruthlessly targeting victims’ credentials for over 200 popular mobile apps, including Microsoft Outlook and Bank of America. The banking trojan is gaining access to Android devices worldwide through utilizing an advanced authentication bypass tool that allows it

Read More
02 Jul 2020

TrickBot malware now checks screen resolution to evade analysis

The notorious TrickBot trojan has evolved again, this time acquiring the ability to check the screen resolutions of victims to detect whether the malware is running on a virtual machine or on the actual device. Researchers typically analyze malware while running a virtual machine that is outfitted with different analysis

Read More
16 Jun 2020

US bank customers targeted in ongoing Qbot campaign

F5 Labs has discovered ongoing attacks utilizing the Qbot malware payloads to steal banking credentials from customers of US financial institutions, including JP Morgan, Wells Fargo, Capital One, Bank of America, and Citibank. Qbot is a banking trojan with features that are used to steal financial data, such as logging

Read More
12 Jun 2020

FBI Expects Increased Targeting of Mobile Banking Applications

The FBI’s Internet Crime Complaint Center released an alert earlier this week warning Americans that threat actors will likely increasingly target mobile banking applications as they rise in popularity. According to the alert, mobile banking application use went up by 50% since the beginning of this year, drawing the attention

Read More
04 May 2020

TrickBot Attack Exploits COVID-19 Fears with DocuSign-Themed Ploy

IBM X-Force recently disclosed that malicious actors are spreading the TrickBot trojan through fake messages that are COVID-19 themes. The new campaign capitalizes on public concern and interest in the Department of Labor’s Family and Medical Leave Act (FMLA). IBM X-Force stated that they uncovered the campaign after the analysis

Read More
31 Mar 2020

Zeus Sphinx Banking Trojan Arises Amid COVID-19

After three years, the Zeus Sphinx banking trojan has returned to the cybersecurity scene amid the global pandemic, aiming to capitalize on government relief efforts. According to two researchers at IBM X-Force, Amir Gandler and Limor Kessem, the trojan began resurfacing in December, however, there has been a significant increase

Read More
03 Mar 2020

TrickBot Adds ActiveX Control, Hides Dropper in Images

The TrickBot banking trojan has recently increased its capabilities, adding Windows 10 ActiveX control. This new feature gives the banking trojan the ability to execute malicious macros that are hidden in documents. A researcher at Morphisec Labs stated that in the past few weeks, two dozen documents have emerged that

Read More