Security News

Malicious Google Play Store App Spotted Distributing Xenomorph Banking Trojan
2022-11-11 12:33

Google has removed two new malicious dropper apps that have been detected on the Play Store for Android, one of which posed as a lifestyle app and was caught distributing the Xenomorph banking malware. "Xenomorph is a trojan that steals credentials from banking applications on users' devices," Zscaler ThreatLabz researchers Himanshu Sharma and Viral Gandhi said in an analysis published Thursday.

Good news, URSNIF no longer a banking trojan. Bad news, it's now a backdoor
2022-10-21 10:28

As one of the oldest banking trojans - dating back to the mid-2000s - the software nasty has a number of variants and been given a few monikers, including URSNIF, Gozi, and ISFB. It's crossed paths with other malware families, had its source code leaked twice since 2016 and, according to Mandiant, is now less a single malware family than a "Set of related siblings." In a report this week, Mandiant researchers Sandor Nemes, Sulian Lebegue, and Jessa Valdez wrote that a strain of URSNIF's RM3 version is no longer a banking trojan but a generic backdoor, similar to the short-lived Saigon variant.

Fake Antivirus and Cleaner Apps Caught Installing SharkBot Android Banking Trojan
2022-09-05 07:10

The notorious Android banking trojan known as SharkBot has once again made an appearance on the Google Play Store by masquerading as antivirus and cleaner apps. "This new dropper doesn't rely on Accessibility permissions to automatically perform the installation of the dropper Sharkbot malware," NCC Group's Fox-IT said in a report.

SOVA Android Banking Trojan Returns With New Capabilities and Targets
2022-08-16 09:20

The SOVA Android banking trojan is continuing to be actively developed with upgraded capabilities to target no less than 200 mobile applications, including banking apps and crypto exchanges and wallets, up from 90 apps when it started out. In less than a year, the trojan has also acted as a foundation for another Android malware called MaliBot that's designed to target online banking and cryptocurrency wallet customers in Spain and Italy.

New Android Banking Trojan 'Revive' Targeting Users of Spanish Financial Services
2022-06-28 20:13

A previously unknown Android banking trojan has been discovered in the wild, targeting users of the Spanish financial services company BBVA. Said to be in its early stages of development, the malware - dubbed Revive by Italian cybersecurity firm Cleafy - was first observed on June 15, 2022 and distributed by means of phishing campaigns. "The name Revive has been chosen since one of the functionality of the malware is restarting in case the malware stops working, Cleafy researchers Federico Valentini and Francesco Iubatti said in a Monday write-up."

Chinese hackers target script kiddies with info-stealer trojan
2022-06-22 18:28

Cybersecurity researchers have discovered a new campaign attributed to the Chinese "Tropic Trooper" hacking group, which employs a novel loader called Nimbda and a new variant of the Yahoyah trojan. The trojan is bundled in a greyware tool named 'SMS Bomber,' which is used for denial of service attacks against phones, flooding them with messages.

MaliBot: A New Android Banking Trojan Spotted in the Wild
2022-06-16 19:32

A new strain of Android malware has been spotted in the wild targeting online banking and cryptocurrency wallet customers in Spain and Italy, just weeks after a coordinated law enforcement operation dismantled FluBot. The information stealing trojan, codenamed MaliBot by F5 Labs, is as feature-rich as its counterparts, allowing it to steal credentials and cookies, bypass multi-factor authentication codes, and abuse Android's Accessibility Service to monitor the victim's device screen.

10 Most Prolific Banking Trojans Targeting Hundreds of Financial Apps with Over a Billion Users
2022-06-06 22:15

10 of the most prolific mobile banking trojans have set their eyes on 639 financial applications that are available on the Google Play Store and have been cumulatively downloaded over 1.01 billion times. These apps alone account for more than 260 million downloads from the official app marketplace.

Top 10 Android banking trojans target apps with 1 billion downloads
2022-06-02 21:09

The ten most prolific Android mobile banking trojans target 639 financial applications that collectively have over one billion downloads on the Google Play Store. Mobile banking trojans hide behind seemingly benign apps like productivity tools and games and commonly sneak into the Google Play Store, Android's official app store.

Mobile trojan detections rise as malware distribution level declines
2022-05-29 15:15

Kaspersky's quarterly report on mobile malware distribution notes a downward trend that started in late 2020. Despite the overall demise in malware volumes, the security company reports a spike in trojan distribution, including generic trojans, banking trojans, and spyware.