December 5, 2024 at 11:15AM A new Android remote access trojan (RAT) called DroidBot targets 77 banking institutions and organizations. Disguised as security apps, it utilizes keylogging and UI monitoring. Active since June 2024, it operates on a Malware-as-a-Service model, with affiliates customizing the malware for attacks predominantly across Europe. ### Meeting Takeaways – December … Read more
October 28, 2024 at 04:55PM JPMorgan Chase is suing individuals linked to a viral ATM fraud scheme exploiting a check deposit glitch. Four federal lawsuits have been filed across Texas, Florida, and California, seeking recovery of stolen funds, which total significant amounts from multiple defendants. The bank aims to hold fraudsters accountable. ### Meeting Takeaways … Read more
August 20, 2024 at 04:21PM A novel phishing campaign in the Czech Republic targets mobile users through Progressive Web Applications to steal banking account credentials from banks such as CSOB, OTP, and TBC. The phishing websites are distributed through voice calls, SMS, and social media. The attack is notable for deceiving users into installing PWAs … Read more
August 13, 2024 at 01:46AM A woman in Delhi fell victim to a “digital arrest” scam, where scammers posed as CBI officers and extorted money by threatening her husband’s arrest. After being coerced into paying, she realized it was a scam. Police arrested three men involved and recovered incriminating items. This type of fraud, common … Read more
June 18, 2024 at 03:51AM The Singapore Police Force (SPF) extradited two men from Malaysia linked to a mobile malware campaign. The suspects targeted Android users and used phishing scams to steal personal data and banking information. The SPF, in collaboration with other law enforcement agencies, apprehended 16 cyber criminals and reported over 4,000 victims. … Read more
February 19, 2024 at 05:39AM Group-IB researchers discovered iOS trojan GoldPickaxe, utilized by Chinese cybercriminal group GoldFactory in APAC region. Trojan collects personal and banking info, including face profiles, SMS, and ID photos. It was distributed through fake apps and MDM profiles, while the Android version has more features. Group-IB warns of potential expansion beyond … Read more
January 30, 2024 at 10:50AM Brazil’s Federal Police, along with cybersecurity collaborators, have disrupted the Grandoreiro banking malware operation targeting Spanish-speaking countries with financial fraud since 2017. Five arrests were made in Brazil, and substantial losses and the malware’s capabilities were outlined. The operation is on hold, but future resurgence is uncertain. From the meeting … Read more