Things are about to get a lot worse for Android users after the source code of a highly advanced Android banking trojan has been sold to different parties on a well-known hacking forum.
Three malware strains —GratefulPOS, Emotet, and Zeus Panda— have sprung to life with new active campaigns just in time for the holiday shopping season.
A UK court has sentenced a Barclays bank employee to six years and four months in prison for helping members of the Dridex cyber-criminal network launder over £2.5 million, which is approximately $3.33 million at today's exchange rate.
Everything else is new, and there's a lot of it. According to Bitdefender, Terdot can also operate a local MitM proxy server to sniff and reroute web traffic, can target more than just banking sites, and can also download and execute files from a remote server.
When you think you've seen it all, malware authors always find a way to impress you. Today's "that's clever!" moment comes courtesy of a criminal group that's been spreading a new version of the Zeus Panda banking trojan since June, this year.
Security researchers have spotted a new Android banking trojan named LokiBot that turns into ransomware and locks users' phones when they try to remove its admin privileges.
A new spam campaign is using malicious CHM files to download and install Brazilian banking Trojans.
A third banking trojan has added support for EternalBlue, an exploit supposedly created by the NSA, leaked online by the Shadow Brokers, and the main driving force behind the WannaCry and NotPetya ransomware outbreaks.
A malware group is using Facebook's CDN servers to store malicious files that it later uses to infect users with banking trojans.
The TrickBot banking trojan has added support for stealing funds stored in Coinbase.com accounts, according to a recent version spotted in a distribution campaign last week.
Ukrainian authorities and businesses are on alert after a local security firm reported that another accounting software maker got hacked and its servers were being used to spread malware.
Google has yet to remove two apps infected with dangerous malware that are currently still available for download via the official Google Play Store.
It was to be expected that Android banking trojan operators would eventually set their sights on ride-hailing applications, considering that these apps work with a user's financial data on a daily basis.
A new version of the Svpeng Android banking trojan has started making victims during the past month, and at the origin of this sudden surge in activity is a criminal selling a new and improved version of Svpeng on a Russian underground hacking forum.
MalwareTech — the security researcher who stopped the WannaCry ransomware outbreak — was arrested in Las Vegas on accusations of creating the Kronos banking trojan together with another person.
Security researchers have found malware inside the firmware of several low-cost Android smartphones, such as Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20.
Two banking trojans — Emotet and Trickbot — have added support for a self-spreading component to improve their chances of infecting other victims on the same network.
In July 2017, security researchers have spotted a new version of the proficient Ursnif banking trojan that comes with a clever trick to avoid sandbox environments and automated virtual machines by using mouse movements to detect if a real user is interacting with the computer.