18 Oct 2021

TrickBot Gang Enters Cybercrime Elite with Fresh Affiliates

The TrickBot ransomware group, which also created BazarLoader and the Conti ransomware, has just upped its distribution tactics to become more of a threat. The cybercriminals behind the TrickBot Trojan have signed two additional distribution affiliates, named Hive0106 and Hive0107 by IBM X-Force. The result of this move is

29 Sep 2021

This dangerous mobile Trojan has stolen a fortune from over 10 million victims

Zimperium zLabs has reported that a new malware Trojan targeting Android devices has achieved a victim count of over ten million across at least 70 different countries. The malware has been embedded in at least 200 malicious applications, many of which were able to circumvent protections offered by the Google

13 Sep 2021

SOVA, Worryingly Sophisticated Android Trojan, Takes Flight

A new Android banking trojan referred to as SOVA is currently under active development, according to researchers. The malware is reportedly looking to incorporate several tools into its arsenal, including ransomware functionality, distributed denial of service, and man in the middle. The banking trojan already boasts functions such as banking

07 Jul 2021

SideCopy cybercriminals use new custom Trojans in attacks against India’s military

Researchers at Cisco Talos recently published a report detailing the activity of the advanced persistent threat group known as SideCopy, which has recently been targeting India with new Trojans. The threat group has been active since 2019 and focuses on valuable assets when choosing its targets. SideCopy has previously targeted

07 Jun 2021

Latvian Woman Charged with Developing Malware for Trickbot

Alla Witte, a 55-year-old Latvian woman, has been charged with multiple counts for her alleged role in developing malware for the notorious Trickbot group. Witte has been charged with 19 counts of a 47-count indictment. Witte was arrested in February in Miami. Trickbot initially started several years ago as a

07 Jun 2021

Google PPC Ads Used to Deliver Infostealers

Researchers have traced the origins of several increasingly popular information stealers, including Tesla, Taurus, Amadey, and RedLine. The investigation found that threat actors are delivering the information stealers through pay-per-click ads that appear in Google’s search results, allegedly paying high prices for results for AnyDesk, Dropbox, and Telegram apps that

18 May 2021

Bizarro Banking Trojan Sports Sophisticated Backdoor

Bizarro, a new Brazilian banking trojan, has launched a campaign targeting customers of roughly 70 known banks located throughout Europe and South America, according to researchers. The advanced malware has taken its operation global, seeking to harvest targets’ bank logins. Kaspersky released an analysis on Bizarro earlier this week, stating

15 Apr 2021

100,000 Google Sites Used to Install SolarMarker RAT

Hackers are currently utilizing search engine optimization (SEO) tactics to redirect users seeking common business forms, such as invoices, receipts, or other templates, to hacker-controlled domains. According to eSentire’s Threat Response Unit, attackers are currently in possession of more than 100,000 malicious Google sites that seem legitimate

06 Apr 2021

LinkedIn Spear-Phishing Campaign Targets Job Hunters

A new campaign has been observed targeting job hunters seeking opportunities via LinkedIn. A threat group named Golden Chickens is allegedly behind the campaign, which creates fake job offers to lure professionals into downloading a backdoor Trojan called more_eggs. The spear-phishing campaign was discovered by researchers at eSentire. The

06 Apr 2021

Meet Janeleiro, a new banking Trojan striking company, government targets

A new Brazilian banking Trojan has emerged, targeting government entities. The malware has allegedly been in development since 2018, according to an advisory published on Tuesday by ESET. The malware has been named Janeleiro, and appears to be focused on Brazilian targets exclusively. The malware has targeted other entities,
