Security News

The Brazilian cybercriminals behind four banking Trojans collectively dubbed "Tetrade" have decided to expand their business and started targeting victims internationally, Kaspersky's security researchers reveal. The four banking Trojan families - Guildma, Javali, Melcoz and Grandoreiro - have been active for years, but started emerging in attacks in North America, Europe, and Latin America only last year.

A study of banking apps for iOS and Android found poor source code protection, cleartext storage of sensitive data, and other serious flaws that make it easy for attackers to break into accounts. A study of banking apps for iOS and Android has led researchers to conclude that "None of the tested mobile banking applications has an acceptable level of security."

No financial firm is ever safe, especially as cybercriminals become more determined and sophisticated in their attack methods. Cybercriminals often work to exploit fear and uncertainty during major world events by launching cyber attacks, and the pandemic is no exception.

Qbot, an ever-evolving information-stealing trojan that's been around since 2008, has reappeared after a hiatus to target customers of U.S. financial institutions. Qbot harvests browsing data and financial info, including online banking details.

The increased use of mobile banking apps due to the COVID-19 pandemic is sure to be followed by an increased prevalence of mobile banking threats: fake banking apps and banking Trojans disguised as those apps, the FBI has warned. "Studies of US financial data indicate a 50 percent surge in mobile banking since the beginning of 2020. Additionally, studies indicate 36 percent of Americans plan to use mobile tools to conduct banking activities, and 20 percent plan to visit branch locations less often," the FBI pointed out.

The increase in mobile banking application usage is expected to lead to a rise in exploitation too, the Federal Bureau of Investigation warns. Over the past several years, mobile banking applications have seen wide adoption, and their use went up by 50% since the beginning of this year, an alert from the FBI's Internet Crime Complaint Center reveals.

As a result, the FBI said it expects cybercriminals to target banking customers with fake banking apps and app-based banking trojans. Phony bank apps spoof the actual apps of major banks to trick users into entering their account credentials.

Silent Night is a new sophisticated and heavily obfuscated Zloader/Zbot, ZeuS-derived banking trojan. Silent Night is a new ZeuS derivative, currently being offered under the malware-as-a-service model.

A descendant of the infamous Zeus banking trojan, dubbed Silent Night by the malware's author, has emerged on the scene, with a host of functionalities available in a spendy malware-as-a-service model. Silent Night is advertised with a host of features, according to a Thursday analysis from Malwarebytes.

The lifespan of phishing attacks in H2 2019 has grown considerably and resulted in the tremendous increase in the number of phishing websites blockages, says Group-IB's Computer Emergency Response Team. In H2 2019 CERT-GIB blocked a total of 8, 506 phishing web resources, while in H2 2018, the figure stood at 2,567.