Brazilian Banks Targeted by New AllaKore RAT Variant Called AllaSenha

May 29, 2024 at 11:09AM
A new campaign targets Brazilian banks with a Windows-based AllaSenha RAT, using Azure cloud as C2 infrastructure. The attack begins with a malicious LNK file disguised as a PDF, hosted since March 2024. The BPyCode launcher fetches and executes malicious files to steal banking credentials. Additionally, Anatsa Android Banking Trojan …

‘Vultur’ Android Malware Gets Extensive Device Interaction Capabilities

April 1, 2024 at 12:30PM
The Android banking malware Vultur has been updated, providing operators with greater control over infected devices. New capabilities include remote interaction, file modification, and the ability to bypass lock-screen protections. The malware continues to rely on AlphaVNC and ngrok for remote access, while employing anti-analysis techniques and evading detection.

Google’s Cloud Run Service Spreads Several Bank Trojans

February 20, 2024 at 03:54PM
Researchers have identified a concerning increase in the spread of banking malware through abusive use of Google Cloud Run Service. Campaigns have expanded beyond Latin America, with Cisco Talos noting an uptick in such attacks since September 2023. Malicious emails with links to threat-controlled Cloud Run Web services are used …

‘Coyote’ Malware Begins Its Hunt, Preying on 61 Banking Apps

February 8, 2024 at 04:23PM
A new banking Trojan coined “Coyote” is targeting 61 online banking apps, spreading mainly in Brazil. Identified by Kaspersky, it’s armed with advanced components and could pose global threats. With history pointing to expansion and evolution, security teams need to be vigilant. “Coyote” is using unique tactics to avoid detection …

INTERPOL Arrests 31 in Global Operation, Identifies 1,900+ Ransomware-Linked IPs

February 4, 2024 at 12:19PM
An INTERPOL-led operation named Synergia identified 1,300 suspicious IP addresses and URLs associated with phishing, banking malware, and ransomware attacks. Involving 60 law enforcement agencies across 55 countries, the effort led to the takedown of over 1,300 malicious servers, resulting in the arrest of 70 suspects. These actions demonstrate INTERPOL’s …

Chameleon Android Banking Trojan Variant Bypasses Biometric Authentication

December 21, 2023 at 12:18PM
Cybersecurity researchers identified an updated version of Android banking malware “Chameleon,” which expanded its targeting to include users in the U.K. and Italy. The malware excels in executing Device Takeover using the accessibility service and is now being delivered via Zombinder. The latest findings also revealed its ability to disrupt …

Hundreds of Malicious Android Apps Target Iranian Mobile Banking Users

November 30, 2023 at 06:06AM
A mobile security firm discovered a malicious campaign using over 285 Android apps to steal bank credentials and credit card information from Iranian users. The malware, targeting at least 12 banking apps, uses phishing and evasion techniques, with plans to expand to cryptocurrency wallets. Attackers use Telegram and GitHub for …