July 4, 2024 at 05:14AM The Mekotio banking trojan is a significant threat to financial systems in Latin America, targeting countries such as Brazil, Chile, Mexico, Spain, and Peru. It infiltrates systems through phishing emails, aiming to steal sensitive information, particularly banking credentials. Users can protect themselves by being cautious with emails, avoiding clicking on … Read more
June 26, 2024 at 04:39AM Researchers discovered an updated version of the Android banking trojan, Medusa, targeting users in multiple countries. The trojan features new capabilities and uses fake updates and dropper apps for distribution. Its reduced permissions and expanded geographic reach make it harder to detect. Similar campaigns distributing another Android malware, SpyMax, have … Read more
May 20, 2024 at 09:29AM Cyble research identifies new Android banking Trojan “Antidot,” using overlay attacks and keylogging to harvest sensitive information. It employs WebSocket for real-time C2 communication, gaining significant control over infected devices, enabling remote control and data theft. The emerging threat emphasizes the need for improved mobile security measures and user awareness. … Read more
May 19, 2024 at 04:18AM The Grandoreiro banking trojan, previously targeted at Latin America, has reemerged in a global campaign, expanding its reach to over 1,500 banks across 60+ countries. The large-scale phishing attacks utilize a sophisticated malware, employing tactics to avoid detection and compromising victims’ systems, including the abuse of Microsoft Outlook to spread … Read more
May 18, 2024 at 06:20PM The Android banking trojan “Grandoreiro” is a persistent threat, despite a recent law enforcement crackdown. It’s now targeting English-speaking countries and using diverse phishing lures, including government impersonation emails. The latest variant features advanced evasive tactics, expanded targeting, and detailed victim profiling. IBM analysts have noted its ability to avoid … Read more
May 18, 2024 at 01:14PM The Android banking trojan “Grandoreiro” is spreading in a large-scale phishing campaign across 60+ countries, targeting accounts of about 1,500 banks. Despite law enforcement efforts in January 2024, it has reemerged with new features and is now targeting English-speaking countries, employing diverse phishing lures and expanded capabilities, indicating a resilient … Read more
May 17, 2024 at 07:48AM Cyble has discovered a new Android banking trojan named Antidot, capable of stealing user credentials, recording conversations, and conducting overlay attacks to harvest victims’ data. The malware uses various tactics, such as posing as a fake Google Play update to obtain elevated permissions and perform remote control activities. It targets … Read more
April 26, 2024 at 07:00AM Fake browser updates are being used to distribute an undisclosed Android malware dubbed Brokewell, described as a modern banking trojan with data-theft and remote-control capabilities. The malware disguises itself as popular apps like Google Chrome, ID Austria, and Klarna and shows resilience in evading Google’s security restrictions. The threat is … Read more
April 24, 2024 at 03:48AM Trend Micro supported an Interpol-led operation targeting the Grandoreiro banking trojan, which primarily affects Latin American and European users. Trend provided threat intelligence data and technical findings, aiding in the identification of malicious infrastructure and assisting law enforcement investigations. This collaboration reinforces Trend’s ongoing commitment to combating cybercrime alongside international … Read more
April 3, 2024 at 05:45AM The Mispadu banking trojan expands its target beyond Latin America to Italy, Poland, and Sweden. Despite this, Mexico remains the primary target, resulting in thousands of stolen credentials. The malware is distributed via spam emails and leverages a Windows SmartScreen security flaw. Additionally, malicious YouTube videos are being used to … Read more