Security News

A newly discovered Android banking Trojan relies on screen recording and keylogging instead of HTML overlays for the capturing of login credentials, according to security researchers at ThreatFabric. ThreatFabric said the mobile malware leverages the Accessibility Services to identify the application running in the foreground and, if the app is in the target list, the malware starts screen recording.

Spanish law enforcement agencies on Wednesday arrested 16 individuals belonging to a criminal network in connection with operating two banking trojans as part of a social engineering campaign targeting financial institutions in Europe. As part of an effort to lend credibility to their phishing attacks, the operators worked by sending emails under the guise of legitimate package delivery services and government entities such as the Treasury, urging the recipients to click on a link that stealthily downloaded malicious software onto the systems.

The TrickBot trojan is adding man-in-the-browser capabilities for stealing online banking credentials that resemble Zeus, the early banking trojan, researchers said - potentially signaling a coming onslaught of fraud attacks. According to researchers at Kryptos Logic Threat Intelligence, this functionality is carried out by TrickBot's webinject module.

Researchers have seen a new variant of the IcedID banking trojan sliding in via two new spam campaigns. ZIP files full of the malware - or links to such ZIP files - the new twist on the old banking trojan is a tweaked downloader, which the threat actors moved from the initial x86 version to the latest: an x86-64 version.

Amid the COVID-19 crisis, the global market for biometrics for banking and financial services estimated at $4.4 billion in the year 2020, is projected to reach a revised size of $8.9 billion by 2026, growing at a CAGR of 12.8% over the analysis period, according to Global Industry Analysts. This segment currently accounts for a 22.8% share of the global biometrics for banking and financial services market.

The U.S. Department of Justice on Friday charged a Latvian woman for her alleged role as a programmer in a cybercrime gang that helped develop TrickBot malware. Since its origin as a banking Trojan in late 2015, TrickBot has evolved into a "Crimeware-as-a-service" capable of pilfering valuable personal and financial information and even dropping ransomware and post-exploitation toolkits on compromised devices, in addition to recruiting them into a family of bots.

While enterprises stagger under sustained ransomware attacks, Android users are increasingly being targeted by banking malware, with Slovakian infosec firm ESET reckoning it had seen a 159 per cent increase in such malicious software over the last few months. Tongue in cheek, the firm added: "It is interesting to see a real-life example of what can cause Android users to suddenly become interested in cybersecurity protection!".

As the post-pandemic economy roars back to life, cybercriminals are using a new whirlwind of transactions as cover to launch an extraordinary number of bank fraud attacks. In just the past quarter, the number of attacks on banks ballooned by 159 percent.

A banking trojan named Bizarro that originates from Brazil has crossed the borders and started to target customers of 70 banks in Europe and South America. Bizarro is under constant development as its author keeps expanding the list of supporting banks and they modify it to improve anti-analysis protections.

Bizarro is a new banking trojan that is stealing financial information and crypto wallets. The program can be delivered in a couple of ways­ - either via malicious links contained within spam emails, or through a trojanized app.