#BankingTrojan – Page 2

TrickMo Android Trojan Exploits Accessibility Services for On-Device Banking Fraud

September 13, 2024 by Xynik

September 13, 2024 at 08:15AM Cybersecurity researchers have uncovered a new variant of the Android banking trojan TrickMo, designed to evade detection and capture banking credentials. The malware, linked to the TrickBot e-crime gang, features capabilities like screen recording, keystroke logging, and abusing accessibility services for malicious actions. The trojan’s command-and-control server exposed 12 GB … Read more

Rocinante Trojan Poses as Banking Apps to Steal Sensitive Data from Brazilian Android Users

September 3, 2024 by Xynik

September 3, 2024 at 06:48AM A new Android banking trojan named Rocinante targets mobile users in Brazil, capable of keylogging and stealing personal information from victims. The malware can masquerade as various banking apps and is linked to a threat actor known as DukeEugene. Symantec also highlighted a banking trojan campaign targeting Spanish and Portuguese-speaking … Read more

New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards

August 26, 2024 by Xynik

August 26, 2024 at 12:54AM Researchers have discovered new Android malware, NGate, aimed at stealing contactless payment data from physical credit and debit cards to conduct fraudulent operations. Targeting banks in Czechia, the attack involves social engineering and SMS phishing to trick users. NGate prompts victims to enter sensitive financial details and instigates an NFC … Read more

Chameleon Android Banking Trojan Targets Users Through Fake CRM App

August 7, 2024 by Xynik

August 7, 2024 at 03:30AM Cybersecurity researchers uncovered a new tactic used by threat actors behind the Chameleon Android banking trojan. Masquerading as a Customer Relationship Management (CRM) app, the campaign targeted a Canadian restaurant chain and expanded to Europe. The malicious app deceives users with fake login pages to deploy the Chameleon payload, enabling … Read more

New BlankBot Android Trojan Can Steal User Data

August 2, 2024 by Xynik

August 2, 2024 at 08:12AM The new Android trojan, BlankBot, discovered by Intel 471, poses a significant threat to users. It disguises itself as utility applications, targeting Turkish Android users and potentially expanding to other countries. Once installed, it gains control of the device, logging sensitive information and executing custom attacks. The trojan communicates with … Read more

New Android Banking Trojan BingoMod Steals Money, Wipes Devices

August 1, 2024 by Xynik

August 1, 2024 at 09:06AM Italian cybersecurity firm Cleafy discovered an Android remote access trojan (RAT) called BingoMod. It’s capable of fraudulent money transfers and device wiping to erase malware traces. The RAT, attributed to a Romanian-speaking threat actor, uses remote access to exploit on-device fraud, and the malware is under active development. BingoMod employs … Read more

Experts Warn of Mekotio Banking Trojan Targeting Latin American Countries

July 8, 2024 by Xynik

July 8, 2024 at 06:24AM Latin American financial institutions face a surge in cyber attacks from the Mekotio banking trojan, targeting countries like Brazil and Mexico to steal banking credentials. Trend Micro observed a rise in attacks distributing this Windows malware, as well as the emergence of a new trojan codenamed Red Mongoose Daemon, posing … Read more

Mekotio Banking Trojan Threatens Financial Systems in Latin America

July 4, 2024 by Xynik

July 4, 2024 at 05:14AM The Mekotio banking trojan is a significant threat to financial systems in Latin America, targeting countries such as Brazil, Chile, Mexico, Spain, and Peru. It infiltrates systems through phishing emails, aiming to steal sensitive information, particularly banking credentials. Users can protect themselves by being cautious with emails, avoiding clicking on … Read more

New Medusa Android Trojan Targets Banking Users Across 7 Countries

June 26, 2024 by Xynik

June 26, 2024 at 04:39AM Researchers discovered an updated version of the Android banking trojan, Medusa, targeting users in multiple countries. The trojan features new capabilities and uses fake updates and dropper apps for distribution. Its reduced permissions and expanded geographic reach make it harder to detect. Similar campaigns distributing another Android malware, SpyMax, have … Read more

Android Banking Trojan Antidot Disguised as Google Play Update

May 20, 2024 by Xynik

May 20, 2024 at 09:29AM Cyble research identifies new Android banking Trojan “Antidot,” using overlay attacks and keylogging to harvest sensitive information. It employs WebSocket for real-time C2 communication, gaining significant control over infected devices, enabling remote control and data theft. The emerging threat emphasizes the need for improved mobile security measures and user awareness. … Read more