Security News

Hackers abuse Google Cloud Run in massive banking trojan campaign
2024-02-21 21:07

Security researchers are warning of hackers abusing the Google Cloud Run service to distribute massive volumes of banking trojans like Astaroth, Mekotio, and Ousaban. Google Cloud Run is lets users deploy frontend and backend services, websites or applications, handle workloads without the effort of managing an infrastructure or scaling.

Anatsa Android Trojan Bypasses Google Play Security, Expands Reach to New Countries
2024-02-19 10:29

The Android banking trojan known as Anatsa has expanded its focus to include Slovakia, Slovenia, and Czechia as part of a new campaign observed in November 2023. "Some of the droppers in the...

iOS users beware: GoldPickaxe trojan steals your facial data
2024-02-15 10:14

Group-IB uncovered a new iOS trojan designed to steal users' facial recognition data, identity documents, and intercept SMS. The trojan, dubbed GoldPickaxe. iOS trojan targets victims in the Asia-Pacific region.

New Coyote Trojan Targets 61 Brazilian Banks with Nim-Powered Attack
2024-02-09 10:28

Sixty-one banking institutions, all of them originating from Brazil, are the target of a new banking trojan called Coyote. "This malware utilizes the Squirrel installer for distribution,...

New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw
2024-02-05 03:45

The threat actors behind the Mispadu banking Trojan have become the latest to exploit a now-patched Windows SmartScreen security bypass flaw to compromise users in Mexico. The attacks entail a new...

Brazilian Feds Dismantle Grandoreiro Banking Trojan, Arresting Top Operatives
2024-01-30 16:43

A Brazilian law enforcement operation has led to the arrest of several Brazilian operators in charge of the Grandoreiro malware. The Federal Police of Brazil said it served five temporary arrest...

Npm Trojan Bypasses UAC, Installs AnyDesk with "Oscompatible" Package
2024-01-19 07:42

A malicious package uploaded to the npm registry has been found deploying a sophisticated remote access trojan on compromised Windows machines. The package, named "oscompatible," was published on...

Chameleon Android Banking Trojan Variant Bypasses Biometric Authentication
2023-12-21 16:21

Cybersecurity researchers have discovered an updated version of an Android banking malware called Chameleon that has expanded its targeting to include users in the U.K. and Italy. "Representing a...

Ten new Android banking trojans targeted 985 bank apps in 2023
2023-12-14 19:40

This year has seen the emergence of ten new Android banking malware families, which collectively target 985 bank and fintech/trading apps from financial institutes across 61 countries. Banking trojans are malware that targets people's online bank accounts and money by stealing credentials and session cookies, bypassing 2FA protections, and sometimes even performing transactions automatically.

Lazarus Group Using Log4j Exploits to Deploy Remote Access Trojans
2023-12-11 13:00

The notorious North Korea-linked threat actor known as the Lazarus Group has been attributed to a new global campaign that involves the opportunistic exploitation of security flaws in Log4j to...