Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam

December 10, 2024 at 09:48AM Cybersecurity researchers have uncovered a mobile phishing campaign distributing an updated Antidot banking trojan, luring victims through fake job offers. Attackers prompt downloads of malicious apps, enabling extensive device control and data theft. Targeting multilingual users, the advanced malware requires robust protection measures to prevent significant data loss and financial … Read more

‘DroidBot’ Android Trojan Targets Banking, Cryptocurrency Applications

December 5, 2024 at 08:29AM A new Android remote access trojan (RAT) named DroidBot targets 77 banks and exchanges, primarily in Europe, with plans to expand to Latin America. It features advanced capabilities like keylogging and overlay attacks, distributed via fake security apps. Offered as malware-as-a-service, affiliates can manage infected devices for various malicious actions. … Read more

Android Botnet ‘ToxicPanda’ Bashes Banks Across Europe, Latin America

November 5, 2024 at 04:20PM Researchers have identified a new banking botnet named ToxicPanda, linked to Chinese-speaking threat actors, which targets over 1,500 devices across various countries. This malware exploits Android vulnerabilities for money transfers, undermining multifactor authentication. Cleafy emphasizes the necessity for improved security measures and real-time detection to counter such threats. ### Meeting … Read more

New Android Banking Malware ‘ToxicPanda’ Targets Users with Fraudulent Money Transfers

November 5, 2024 at 07:57AM A new Android banking malware, ToxicPanda, has infected over 1,500 devices, primarily in Italy. It conducts fraudulent transactions via account takeover and bypasses identity verification. The malware is believed to be linked to a Chinese threat actor and shares similarities with an earlier malware, TgToxic. It targets users through counterfeit … Read more

Android malware “FakeCall” now reroutes bank calls to attackers

October 30, 2024 at 10:58AM The new FakeCall malware for Android hijacks users’ outgoing calls to banks, redirecting them to attackers. It features advanced voice phishing tactics, realistic interfaces, and can capture audio/video. Recent improvements include additional control functionalities and commands, making it a more dangerous banking trojan. Users are cautioned against installing APKs directly. … Read more

FakeCall Android Trojan Evolves with New Evasion Tactics and Expanded Espionage Capabilities

October 30, 2024 at 09:03AM The FakeCall Android banking trojan has upgraded its evasion tactics and enhanced surveillance abilities, increasing risks for banks and enterprises. **Meeting Notes Takeaways:** 1. **Current Threat Overview:** The FakeCall Android banking trojan has evolved, incorporating advanced evasion tactics. 2. **Increased Risks:** The new capabilities of the trojan heighten risks for … Read more

New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection

October 23, 2024 at 02:00PM New variants of Grandoreiro banking malware are evolving to evade anti-fraud measures, employing tactics like domain generation algorithms and mouse tracking. Despite some arrests, operators continue to develop new features and target users across 45 countries, primarily through phishing. The malware adapts continuously, posing a significant threat to banking security. … Read more

Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack

October 16, 2024 at 03:48AM A spear-phishing campaign in Brazil is delivering the Astaroth banking Trojan, targeting sectors like manufacturing and government. The malware is disguised as official tax documents to lure users. Recommendations to counter these threats include strong passwords, multi-factor authentication, and keeping security software updated. **Meeting Takeaways – October 16, 2024** **Subject:** … Read more

TrickMo malware steals Android PINs using fake lock screen

October 14, 2024 at 01:35PM Forty new variants of the TrickMo Android banking trojan have emerged, designed to steal PINs and sensitive data through deceptive screens and various phishing tactics. Linked to 16 droppers and 22 command and control infrastructures, it has impacted at least 13,000 victims, primarily in Canada, UAE, Turkey, and Germany. ### … Read more

New Octo2 Android Banking Trojan Emerges with Device Takeover Capabilities

September 24, 2024 at 07:01AM Cybersecurity researchers have uncovered a new version of the Android banking trojan, Octo, named Octo2. It boasts enhanced capabilities for device takeover and fraudulent transactions. The malware has been observed in European countries and is distributed through apps like Europe Enterprise, Google Chrome, and NordVPN. Octo2 is a significant advancement … Read more