02 Jul 2020

TrickBot malware now checks screen resolution to evade analysis

The notorious TrickBot trojan has evolved again, this time acquiring the ability to check the screen resolutions of victims to detect whether the malware is running on a virtual machine or on the actual device. Researchers typically analyze malware while running a virtual machine that is outfitted with different analysis

Read More
16 Jun 2020

US bank customers targeted in ongoing Qbot campaign

F5 Labs has discovered ongoing attacks utilizing the Qbot malware payloads to steal banking credentials from customers of US financial institutions, including JP Morgan, Wells Fargo, Capital One, Bank of America, and Citibank. Qbot is a banking trojan with features that are used to steal financial data, such as logging

Read More
12 Jun 2020

FBI Expects Increased Targeting of Mobile Banking Applications

The FBI’s Internet Crime Complaint Center released an alert earlier this week warning Americans that threat actors will likely increasingly target mobile banking applications as they rise in popularity. According to the alert, mobile banking application use went up by 50% since the beginning of this year, drawing the attention

Read More
04 May 2020

TrickBot Attack Exploits COVID-19 Fears with DocuSign-Themed Ploy

IBM X-Force recently disclosed that malicious actors are spreading the TrickBot trojan through fake messages that are COVID-19 themes. The new campaign capitalizes on public concern and interest in the Department of Labor’s Family and Medical Leave Act (FMLA). IBM X-Force stated that they uncovered the campaign after the analysis

Read More
31 Mar 2020

Zeus Sphinx Banking Trojan Arises Amid COVID-19

After three years, the Zeus Sphinx banking trojan has returned to the cybersecurity scene amid the global pandemic, aiming to capitalize on government relief efforts. According to two researchers at IBM X-Force, Amir Gandler and Limor Kessem, the trojan began resurfacing in December, however, there has been a significant increase

Read More
03 Mar 2020

TrickBot Adds ActiveX Control, Hides Dropper in Images

The TrickBot banking trojan has recently increased its capabilities, adding Windows 10 ActiveX control. This new feature gives the banking trojan the ability to execute malicious macros that are hidden in documents. A researcher at Morphisec Labs stated that in the past few weeks, two dozen documents have emerged that

Read More
08 Nov 2019

You’ve got malware: Malicious actors are waiting in your inbox

A new report by Proofpoint looks at the email threat landscape in Q3 of this year. It shows that message containing malicious URLs now make up 88% of email-based threats. The overall volume of messages designed to get users to interact with nefarious URLs or attachments fell by 40% compared

Read More
25 Jan 2019

This malware uses debt to prey on banking victims

Security researchers with Palo Alto Networks have been tracking a malware campaign involving the distrubution of the Redaman banking Trojan through widespread malspam campaigns with varying subject lines relating to debt collection and other financial obligations. The campaign mainly targets Russian speakers, although emails containing the Trojan as an attachment have been

Read More