Security News
A newly uncovered banking trojan called Alien is invading Android devices worldwide, using an advanced ability to bypass two-factor authentication security measures to steal victim credentials. Researchers believe Alien is a "Fork" of the infamous Cerberus banking malware, which has undergone a steady demise in use over the past year.
The Zeppelin ransomware has sailed back into relevance, after a hiatus of several months. These, like an initial Zeppelin wave observed in late 2019, start with phishing emails with Microsoft Word attachments that have malicious macros on board.
Cybersecurity agencies across Asia and Europe have issued multiple security alerts regarding the resurgence of email-based Emotet malware attacks targeting businesses in France, Japan, and New Zealand. "The emails contain malicious attachments or links that the receiver is encouraged to download," New Zealand's Computer Emergency Response Team said.
Dubbed PyVil, the new remote access trojan goes after passwords, documents, browser cookies, and email credentials, says Cybereason. A new remote access trojan is aiming at financial technology companies in the UK and European Union to capture sensitive information through keylogging and screen captures.
The latest variant of this trojan extracts email threads from Outlook, which it uses for phishing attacks, says Check Point Research. A new phishing campaign analyzed by threat intelligence provider Check Point reveals how the old Qbot trojan has been repurposed to phish people by capturing their email threads.
One new Qbot feature hijacks a victim's Outlook-based email thread and uses it to infect other PCs. The 12-year-old malware resurface in January 2020, according to F5 researchers, who issued a report in June detailing new Qbot evasive features to avoid detection. Most of the victims of the new Qbot campaigns have been in the United States, where 29 percent of Qbot attacks have been detected, followed by India, Israel and Italy, according to Check Point.
A notorious banking trojan aimed at stealing bank account credentials and other financial information has now come back with new tricks up its sleeve to target government, military, and manufacturing sectors in the US and Europe, according to new research. In an analysis released by Check Point Research today, the latest wave of Qbot activity appears to have dovetailed with the return of Emotet - another email-based malware behind several botnet-driven spam campaigns and ransomware attacks - last month, with the new sample capable of covertly gathering all email threads from a victim's Outlook client and using them for later malspam campaigns.
A notorious banking trojan aimed at stealing bank account credentials and other financial information has now come back with new tricks up its sleeve to target government, military, and manufacturing sectors in the US and Europe, according to new research. In an analysis released by Check Point Research today, the latest wave of Qbot activity appears to have dovetailed with the return of Emotet - another email-based malware behind several botnet-driven spam campaigns and ransomware attacks - last month, with the new sample capable of covertly gathering all email threads from a victim's Outlook client and using them for later malspam campaigns.
Threat actors have enhanced a banking trojan that has been widely used during the COVID-19 pandemic with new functionality to help it avoid detection by potential victims and standard security protections. Attackers have implemented several new features - including a password-protected attachment, keyword obfuscation and minimalist macro code-in a recent phishing campaign using documents trojanized by the widely used banking trojan IcedID, according to a new report by Juniper Networks security researcher Paul Kimayong.
Cybersecurity researchers on Tuesday detailed as many as four different families of Brazilian banking trojans that have targeted financial institutions in Brazil, Latin America, and Europe. "Guildma, Javali, Melcoz and Grandoreiro are examples of yet another Brazilian banking group/operation that has decided to expand its attacks abroad, targeting banks in other countries," Kaspersky said in an analysis.