Security News
An Android banking malware named 'Godfather' has been targeting users in 16 countries, attempting to steal account credentials for over 400 online banking sites and cryptocurrency exchanges. The malware generates login screens overlaid on top of the banking and crypto exchange apps' login forms when victims attempt to log in to the site, tricking the user into entering their credentials on well-crafted HTML phishing pages.
Where's the Night's Watch when you need them? Microsoft has warned Europe to be on alert for cyber attacks from Russia this winter, just as a series of attacks hit Russian organizations –...
Russia's second-largest financial institution VTB Bank says it is facing the worse cyberattack in its history after its website and mobile apps were taken offline due to an ongoing DDoS...
Russia's second-largest financial institution VTB Bank says it is facing the worse cyberattack in its history after its website and mobile apps were taken offline due to an ongoing DDoS attack. "At present, the VTB technological infrastructure is under unprecedented cyberattack from abroad," stated a VTB spokesperson to TASS. "It is not only the largest cyberattack recorded this year, but in the entire history of the bank."
Israeli fortifications in the West Bank are becoming a bit more faceless, as the military has reportedly deployed robotic turrets capable of firing stun grenades, less-than-lethal bullets, and tear gas at Palestinians protesting their presence. The remote-controlled auto guns were recently spotted at the Al-Aroub refugee camp in the southern West Bank, and in the city of Hebron, where locals speaking to the Associated Press told tales of weapons that fire without warning and frequently coat hillsides in tear gas.
Cybersecurity researchers are warning of "Massive phishing campaigns" that distribute five different malware targeting banking users in India. "The bank customers targeted include account subscribers of seven banks, including some of the most well-known banks located in the country and potentially affecting millions of customers," Trend Micro said in a report published this week.
Robin Banks, the phishing-as-a-service platform that was kicked off Cloudflare for malicious activity, is back in action with a Russian service provider and new tools to make it easier to bypass security measures. IronNet's Threat Research unit first wrote about Robin Banks in July, detailing a threat group that was selling phishing kits to cybercriminals who then would use those tools to steal credentials and financial data of people in the US, the UK, Canada, and Australia.
A phishing-as-a-service platform known as Robin Banks has relocated its attack infrastructure to DDoS-Guard, a Russian provider of bulletproof hosting services. The switch comes after "Cloudflare disassociated Robin Banks phishing infrastructure from its services, causing a multi-day disruption to operations," according to a report from cybersecurity company IronNet.
The Robin Banks phishing-as-a-service platform is back in action with infrastructure hosted by a Russian internet company that offers protection against distributed denial-of-service attacks. Robin Banks faced operational disruption in July 2022, when researchers at IronNet exposed the platform as a highly threatening phishing service targeting Citibank, Bank of America, Capital One, Wells Fargo, PNC, U.S. Bank, Santander, Lloyds Bank, and the Commonwealth Bank.
A French-speaking criminal group codenamed OPERA1ER has pulled off more than 30 cyber-heists against telecom organizations and banks across Africa, Asia, and Latin America, stealing upwards of $30 million over four years, according to security researchers. In one robbery, "a network of more than 400 mule subscriber accounts were used to quickly cash out stolen funds mostly done overnight via ATMs," the researchers wrote in a report this month.