Banking, Hacking, Information Security and Phishing

Cybercriminals attack banking customers in EU with V3B phishing kit – PhotoTAN and SmartID supported.

Security Affairs

JUNE 4, 2024

Resecurity uncovered a cybercriminal group that is providing a sophisticated phishing kit, named V3B, to target banking customers in the EU. “Currently, it is estimated that hundreds of cybercriminals are using this kit to commit fraud, leaving victims with empty bank accounts. .

Banking

Banking Phishing Social Engineering Engineering

Grandoreiro Banking Trojan is back and targets banks worldwide

Security Affairs

MAY 19, 2024

A new Grandoreiro banking trojan campaign has been ongoing since March 2024, following the disruption by law enforcement in January. IBM X-Force warns of a new Grandoreiro banking trojan campaign that has been ongoing since March 2024. The banking Trojan is likely operated as a Malware-as-a-Service (MaaS).

Banking

Banking Malware Antivirus Accountability

Phishing with hacked sites

SecureList

AUGUST 14, 2023

Examples include automation with phishing kits or Telegram bots. Another tactic, popular with scammers big and small, phishers included, is hacking websites and placing malicious content on those, rather than registering new domains. What sites get hacked the most Abandoned websites end up captured by cybercriminals fairly often.

Phishing

Phishing Hacking Banking Scams

A phishing campaign targets clients of German banks using QR codes

Security Affairs

DECEMBER 12, 2021

Cofense researchers discovered a new phishing campaign using QR codes targeting German e-banking users in the last weeks. Threat actors continue to use multiple techniques to avoid detection and trick recipients into opening phishing messages, including the use of QR codes. “The phish sites are fairly similar.

Banking

Banking Phishing Social Engineering Engineering

Smishing Triad Is Targeting Pakistan To Defraud Banking Customers At Scale

Security Affairs

JUNE 20, 2024

Previously, Resecurity described multiple episodes of Smishing Triad activity targeting online banking, e-commerce and payment systems customers in other geographies including USA, EU, UAE and KSA. The code and templates used by the attackers in this smishing kit are consistent with those observed in previous instances of Smishing Triad.

Banking

Banking Data breaches Mobile Phishing

New variant of BBTok Trojan targets users of +40 banks in LATAM

Security Affairs

SEPTEMBER 24, 2023

A new variant of a banking trojan, called BBTok, targets users of over 40 banks in Latin America, particularly Brazil and Mexico. Check Point researchers warn of a new variant of a banking trojan, called BBTok, that is targeting users of over 40 banks in Latin America. The phishing messages include a malicious link.

Banking

Banking Phishing Malware Hacking

Law enforcement operation dismantled phishing-as-a-service platform LabHost

Security Affairs

APRIL 18, 2024

An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost. An international law enforcement operation, codenamed Nebulae and coordinated by Europol, led to the disruption of LabHost, which is one of the world’s largest phishing-as-a-service platforms.

Phishing

Phishing Cybercrime Passwords Banking

Hacked Subway UK marketing system used in TrickBot phishing campaign

Security Affairs

DECEMBER 13, 2020

Subway UK confirmed the hack of a marketing system that was used to send out phishing messages to deliver malware to the customers. Hackers have compromised a marketing system in Subway UK and used it to send out phishing messages to deliver malware to the customers. The system does not hold any bank or credit card details.”

Marketing

Marketing Phishing Hacking Data breaches

Multinational ICICI Bank leaks passports and credit card numbers

Security Affairs

APRIL 20, 2023

ICICI Bank leaked millions of records with sensitive data, including financial information and personal documents of the bank’s clients. ICICI Bank, an Indian multinational valued at more than $76 billion, has more than 5,000 branches across India and is present in at least another 15 countries worldwide.

Banking

Banking Identity Theft Accountability Phishing

Phishing, the campaigns that are targeting Italy

Security Affairs

OCTOBER 12, 2023

This post analyzed the numerous phishing campaigns targeting users and organizations in Italy. Phishing is a ploy to trick users into revealing personal or financial information through an e-mail, Web site, and even through instant messaging. Phishing can also be used as a precursor attack to drop malware.

Phishing

Phishing Scams Education Passwords

ERMAC 2.0 Android Banking Trojan targets over 400 apps

Security Affairs

MAY 27, 2022

A new version of the ERMAC Android banking trojan is able to target an increased number of apps. The ERMAC Android banking trojan version 2.0 ERMAC was first spotted by researchers from Threatfabric in July 2021, it is based on the popular banking trojan Cerberus. SecurityAffairs – hacking, ERMAC 2.0). “ERMAC 2.0

Banking

Banking Malware Cybercrime Phishing

Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform

Security Affairs

OCTOBER 4, 2023

Threat actors exploited an open redirection vulnerability in the job search platform Indeed to carry out phishing attacks. Researchers from the cybersecurity firm Menlo Security reported that threat actors exploited an open redirection vulnerability in the job search platform Indeed in phishing attacks.

Phishing

Phishing Insurance Manufacturing Banking

New phishing campaign targets bank customers with WSH RAT

Security Affairs

JUNE 17, 2019

Security researchers at Cofense have spotted a phishing campaign aimed at commercial banking customers distributing a new remote access trojan (RAT) tracked as WSH RAT. Threat actors are using the RAT to deliver keyloggers and information stealers. SecurityAffairs – WSH Remote Access Trojan, hacking).

Banking

Banking Phishing Advertising Malware

Massive social engineering waves have impacted banks in several countries

Security Affairs

FEBRUARY 1, 2022

A massive social engineering campaign targeting banks has been delivered in the last two years in several countries. The campaigns are carried out by using social engineering schemas, namely smishing, and spear-phishing through fake emails. SecurityAffairs – hacking, social engineering). Pierluigi Paganini. Pierluigi Paganini.

Social Engineering

Social Engineering Banking Engineering Phishing

Microsoft warns of multi-stage AiTM phishing and BEC attacks

Security Affairs

JUNE 11, 2023

Microsoft researchers warn of banking adversary-in-the-middle (AitM) phishing and BEC attacks targeting banking and financial organizations. Microsoft discovered multi-stage adversary-in-the-middle (AiTM) phishing and business email compromise (BEC) attacks against banking and financial services organizations.

Phishing

Phishing Banking Financial Services Authentication

Grandoreiro banking malware targets Mexico and Spain

Security Affairs

AUGUST 21, 2022

A new Grandoreiro banking malware campaign is targeting organizations in Mexico and Spain, Zscaler reported. Zscaler ThreatLabz researchers observed a Grandoreiro banking malware campaign targeting organizations in the Spanish-speaking nations of Mexico and Spain. SecurityAffairs – hacking, Log4Shell). Pierluigi Paganini.

Banking

Banking Malware Antivirus Phishing

German police identified a gang that stole €4 million via phishing attacks

Security Affairs

OCTOBER 2, 2022

German police arrested one individual suspected of having stolen €4 million from users via large-scale phishing campaigns. Germany’s Bundeskriminalamt (BKA) arrested an individual (24) suspected of having stolen €4,000,000 from internet users via phishing attacks along with a two accomplices who are suspected.

Phishing

Phishing Banking DDOS Accountability

MaliBot Android Banking Trojan targets Spain and Italy

Security Affairs

JUNE 18, 2022

Malibot is a new Android malware targeting online banking and cryptocurrency wallet customers in Spain and Italy. F5 Labs researchers spotted a new strain of Android malware, named Malibot, that is targeting online banking and cryptocurrency wallet customers in Spain and Italy. SecurityAffairs – hacking, Malibot).

Banking

Banking Cryptocurrency Malware Mobile

ABN Amro discloses data breach following an attack on a third-party provider

Security Affairs

MAY 28, 2024

Dutch bank ABN Amro discloses data breach following a ransomware attack hit the third-party services provider AddComm. Dutch bank ABN Amro disclosed a data breach after third-party services provider AddComm suffered a ransomware attack. The Dutch bank has stopped using services provided by AddComm. ” states the bank.

Data breaches

Data breaches Banking Ransomware Phishing

Android Banking Trojan Vultur uses screen recording for credentials stealing

Security Affairs

JULY 31, 2021

Experts spotted a new strain of Android banking Trojan dubbed Vultur that uses screen recording and keylogging for the capturing of login credentials. ThreatFabric researchers discovered a new Android banking Trojan, tracked as Vultur, that uses screen recording and keylogging to capture login credentials. ” concludes the report.

Banking

Banking Malware Mobile Media

Watch out for Omicron COVID-19-themed phishing messages!

Security Affairs

DECEMBER 3, 2021

Threat actors have started to exploit the interest in the Omicron COVID-19 variant and are using it as a lure in phishing campaigns. Crooks have already started exploiting the interest in the Omicron COVID-19 variant and are using it as a lure in phishing attacks. credit card data, banking data). Link goes to a fake NHS website.

Phishing

Phishing Scams Banking Consumer Protection

Hackers abusing the Ngrok platform phishing attacks

Security Affairs

FEBRUARY 16, 2021

Researchers from threat intelligence Cyble have discovered threat actors abusing the Ngrok platform in a fresh phishing campaign. Researchers at the threat intelligence firm Cyble discovered a new wave of phishing attacks targeting multiple organizations that are abusing the ngrok platform, a secure and introspectable tunnel to the localhost.

Phishing

Phishing Cybercrime Mobile Internet

BitRAT campaign relies on stolen sensitive bank data as a lure

Security Affairs

JANUARY 3, 2023

Experts warn of a new malware campaign using sensitive information stolen from a bank as a lure to spread the remote access trojan BitRAT. Qualys experts spotted a new malware campaign spreading a remote access trojan called BitRAT using sensitive information stolen from a bank as a lure in phishing messages.

Banking

Banking Malware Phishing DDOS

Cyber Police of Ukraine arrested 9 men behind phishing attacks on Ukrainians attempting to capitalize on the ongoing conflict

Security Affairs

JULY 5, 2022

The Cyber Police of Ukraine arrested nine members of a cybercriminal gang that has stolen 100 million hryvnias via phishing attacks. The Cyber Police of Ukraine arrested nine members of a cybercriminal organization that stole 100 million hryvnias via phishing attacks. SecurityAffairs – hacking, Cyber Police of Ukraine).

Phishing

Phishing Computers and Electronics Banking Mobile

China-based Fangxiao group behind a long-running phishing campaign

Security Affairs

NOVEMBER 17, 2022

A China-based financially motivated group, tracked as Fangxiao, is behind a large-scale phishing campaign dating back as far as 2019. Researchers from Cyjax reported that a China-based financially motivated group, dubbed Fangxiao, orchestrated a large-scale phishing campaign since 2017. SecurityAffairs – hacking, phishing).

Phishing

Phishing Adware Retail Malware

Analyzing Phishing attacks that use malicious PDFs

Security Affairs

FEBRUARY 13, 2022

Cybersecurity researchers Zoziel Pinto Freire analyzed the use of weaponized PDFs in phishing attacks. Every day everybody receives many phishing attacks with malicious docs or PDFs. Here is the received email as it was from the Caixa Economica Federal bank, but we can see the sender uses Gmail services and a strange name.

Phishing

Phishing Banking Hacking Cybersecurity

The new maxtrilha trojan is being disseminated and targeting several banks

Security Affairs

SEPTEMBER 12, 2021

A new banking trojan dubbed maxtrilha (due to its encryption key) has been discovered in the last few days and targeting customers of European and South American banks. The new maxtrilha trojan is being disseminated and targeting several banks around the world. Figure 1: High-level diagram of maxtrilha banking trojan.

Banking

Banking Malware Internet Internet

HTML Smuggling technique used in phishing and malspam campaigns

Security Affairs

NOVEMBER 12, 2021

Threat actors are increasingly using the HTML smuggling technique in phishing campaigns, Microsoft researchers warn. Microsoft experts warn that threat actors are increasingly using the HTML smuggling technique in phishing campaigns to stealthily deliver threats. — Microsoft Security Intelligence (@MsftSecIntel) July 23, 2021.

Phishing

Phishing Banking Passwords Firewall

Police dismantled a gang that used phishing sites to steal credit cards

Security Affairs

FEBRUARY 22, 2022

The Ukrainian police arrested a gang specialized in the sale of stolen payment card data through phishing attacks. The police arrested five that created and administered more than 40 phishing sites used to harvest bank card data of unaware citizens. SecurityAffairs – hacking, phishing). Pierluigi Paganini.

Phishing

Phishing Banking Mobile Telecommunications

Security Affairs newsletter Round 475 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JUNE 9, 2024

New York Times source code compromised via exposed GitHub token SolarWinds fixed multiple flaws in Serv-U and SolarWinds Platform Pandabuy was extorted twice by the same threat actor UAC-0020 threat actor used the SPECTR Malware to target Ukraine’s defense forces Chinese threat actor exploits old ThinkPHP flaws since October 2023 A new Linux (..)

Data breaches

Data breaches Banking Hacking Malware

Exclusive: Welcome “Frappo” – Resecurity identified a new Phishing-as-a-Service

Security Affairs

MAY 10, 2022

“Frappo” acts as a Phishing-as-a-Service and enables cybercriminals the ability to host and generate high-quality phishing pages which impersonate major online banking, e-commerce, popular retailers, and online-services to steal customer data. Detailed analysis of the Phishing-As-A-Service Frappo is available here: [link].

Phishing

Phishing Banking Retail Financial Services

Omicron-themed phishing attacks spread Dridex and taunt with funeral helpline

Security Affairs

DECEMBER 25, 2021

The phishing messages use weaponized Word or Excel attachments to install the Dridex banking Trojan. “This letter is to inform you that you have been exposed to a coworker who tested positive for OMICRON variant of COVID-19 sometime between December 18th and 20th,” reads a phishing message shared by Bleeping Computer.

Phishing

Phishing Passwords Banking Malware

LogoKit update – The phishing kit leveraging Open Redirect Vulnerabilities

Security Affairs

AUGUST 8, 2022

LogoKit – Threat actors leveraging Open Redirect Vulnerabilities popular in online services and apps to bypass spam filters in phishing campaigns. Using highly trusted service domains like Snapchat and other online-services, they create special URLs which lead to malicious resources with phishing kits. Resecurity, Inc.

Phishing

Phishing Passwords Threat Detection Cybercrime

SharkBot, the new generation banking Trojan distributed via Play Store

Security Affairs

MARCH 7, 2022

SharkBot banking malware was able to evade Google Play Store security checks masqueraded as an antivirus app. SharkBot is a banking trojan that has been active since October 2021, it allows to steal banking account credentials and bypass multi-factor authentication mechanisms. sellsourcecode.supercleaner).

Banking

Banking Antivirus Mobile Malware

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals. In 2019, a Canadian company called Defiant Tech Inc.

Hacking

Hacking Accountability Data breaches Marketing

Android banking Trojan BrazKing is back with significant evasion improvements

Security Affairs

NOVEMBER 18, 2021

The BrazKing Android banking trojan is back with significant improvements and dynamic banking overlays to avoid detection. Researchers from IBM spotted a new version of the BrazKing Android banking trojan that pull fake overlay screens from the command and control (C2) server in real-time. SecurityAffairs – hacking, Android).

Banking

Banking Malware Antivirus Phishing

Tetrade hackers target 112 financial apps with Ghimob banking Trojan

Security Affairs

NOVEMBER 10, 2020

Researchers from Kaspersky Lab spotted a new Android banking Trojan, dubbed Ghimob, that is able to steal data from 112 financial Apps. Ghimob is a new Android banking Trojan discovered by Kaspersky that is able to steal data from 112 financial apps. ” concludes the report. ” concludes the report.

Banking

Banking Mobile Malware Spyware

Info stealers and how to protect against them

Security Affairs

DECEMBER 18, 2023

Our research team also found some bank logs for sale, info stealers were possibly used to steal these logs. Bank logs : These are sets of data containing sensitive information about a bank account. Bank logs : These are sets of data containing sensitive information about a bank account.

Banking

Banking Cybercrime Malware Accountability

Hackers accessed staff mailboxes at Italian bank Monte dei Paschi

Security Affairs

APRIL 11, 2020

Monte dei Paschi, one of the biggest Italian banks, suffered a cyber attack, hackers accessed the mailboxes of some employees and sent emails to clients. Italian state-owned bank Monte dei Paschi discloses a security breach, hackers have accessed the mailboxes of some employees and sent emails to clients. Pierluigi Paganini.

Banking

Banking Cyber Attacks Advertising Cybercrime

5-star customer service: fraudsters launch massive campaign against Indonesia’s major banks on Twitter

Security Affairs

MARCH 31, 2021

Experts warn that cybercriminals are targeting Indonesia’s major banks posing as bank representatives or customer support team members on Twitter. To lure victims, cybercriminals pose as bank representatives or customer support team members on Twitter. From January to early March 2021, this scheme grew in scope 2.5-fold

Banking

Banking Scams Accountability Media

Crooks stole €15 Million from European retail company Pepco

Security Affairs

MARCH 1, 2024

million from the European variety retail and discount company Pepco through a phishing attack. The Hungarian business of the European discount retailer Pepco Group has been the victim of a phishing attack, crooks stole about 15 million euros ($16.3 Crooks stole €15.5 ” reads the press release published by the company.

Retail

Retail Banking Phishing Cyber Attacks

Hackers use a new technique in phishing attacks to disable Macro security warnings in weaponized docs

Security Affairs

JULY 9, 2021

Threat actors have devised a new trick to disable macro security warning that leverage non-malicious docs in phishing attacks. Most of the phishing attacks leverage weaponized Microsoft Office documents and social engineering techniques to trick recipients into enabling the macros. SecurityAffairs – hacking, phishing).

Phishing

Phishing Social Engineering Banking Engineering

Operation Synergia led to the arrest of 31 individuals

Security Affairs

FEBRUARY 2, 2024

An international law enforcement operation, named Synergia, led to the arrest of 31 individuals involved in ransomware, banking malware, and phishing attacks. Follow me on Twitter: @securityaffairs and Facebook Pierluigi Paganini ( SecurityAffairs – hacking, Operation Synergia )

Cybercrime

Cybercrime Banking Phishing Malware

Carbanak malware returned in ransomware attacks

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks.

Malware

Malware Ransomware Banking Healthcare

Cybercriminals attack banking customers in EU with V3B phishing kit – PhotoTAN and SmartID supported.

Grandoreiro Banking Trojan is back and targets banks worldwide

Trending Sources

Phishing with hacked sites

A phishing campaign targets clients of German banks using QR codes

Smishing Triad Is Targeting Pakistan To Defraud Banking Customers At Scale

New variant of BBTok Trojan targets users of +40 banks in LATAM

Law enforcement operation dismantled phishing-as-a-service platform LabHost

Hacked Subway UK marketing system used in TrickBot phishing campaign

Multinational ICICI Bank leaks passports and credit card numbers

Phishing, the campaigns that are targeting Italy

ERMAC 2.0 Android Banking Trojan targets over 400 apps

Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform

New phishing campaign targets bank customers with WSH RAT

Massive social engineering waves have impacted banks in several countries

Microsoft warns of multi-stage AiTM phishing and BEC attacks

Grandoreiro banking malware targets Mexico and Spain

German police identified a gang that stole €4 million via phishing attacks

MaliBot Android Banking Trojan targets Spain and Italy

ABN Amro discloses data breach following an attack on a third-party provider

Android Banking Trojan Vultur uses screen recording for credentials stealing

Watch out for Omicron COVID-19-themed phishing messages!

Hackers abusing the Ngrok platform phishing attacks

BitRAT campaign relies on stolen sensitive bank data as a lure

Cyber Police of Ukraine arrested 9 men behind phishing attacks on Ukrainians attempting to capitalize on the ongoing conflict

China-based Fangxiao group behind a long-running phishing campaign

Analyzing Phishing attacks that use malicious PDFs

The new maxtrilha trojan is being disseminated and targeting several banks

HTML Smuggling technique used in phishing and malspam campaigns

Police dismantled a gang that used phishing sites to steal credit cards

Security Affairs newsletter Round 475 by Pierluigi Paganini – INTERNATIONAL EDITION

Exclusive: Welcome “Frappo” – Resecurity identified a new Phishing-as-a-Service

Omicron-themed phishing attacks spread Dridex and taunt with funeral helpline

LogoKit update – The phishing kit leveraging Open Redirect Vulnerabilities

SharkBot, the new generation banking Trojan distributed via Play Store

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Android banking Trojan BrazKing is back with significant evasion improvements

Tetrade hackers target 112 financial apps with Ghimob banking Trojan

Info stealers and how to protect against them

Hackers accessed staff mailboxes at Italian bank Monte dei Paschi

5-star customer service: fraudsters launch massive campaign against Indonesia’s major banks on Twitter

Crooks stole €15 Million from European retail company Pepco

Hackers use a new technique in phishing attacks to disable Macro security warnings in weaponized docs

Operation Synergia led to the arrest of 31 individuals

Carbanak malware returned in ransomware attacks

Stay Connected