Krebs on Security

FEBRUARY 8, 2021

Cyber cops in Ukraine carried out an arrest and several raids last week in connection with the author of a U-Admin , a software package used to administer what’s being called “one of the world’s largest phishing services.” The U-Admin phishing panel interface. Image: fr3d.hk/blog. ” U-Admin, a.k.a.

Phishing 327

Phishing Scams Banking Mobile 327

eSecurity Planet

FEBRUARY 26, 2025

Cybercriminals are shifting their focus from emails to text messages, using mishing a more deceptive form of phishing to target mobile users and infiltrate corporate networks, according to new security research by Zimperium. Vishing: Also known as voice phishing. What is mishing? and 9%in Brazil.

Phishing 88

Phishing Mobile Social Engineering Data breaches 88

The Hacker News

OCTOBER 16, 2024

A new spear-phishing campaign targeting Brazil has been found delivering a banking malware called Astaroth (aka Guildma) by making use of obfuscated JavaScript to slip past security guardrails.

Banking 127

Banking Phishing Malware Retail 127

The Hacker News

MARCH 27, 2024

A new phishing campaign has been observed leveraging a novel loader malware to deliver an information stealer and keylogger called Agent Tesla. Trustwave SpiderLabs said it identified a phishing email bearing this attack chain on March 8, 2024. The archive ("Bank Handlowy w Warszawie

Banking 138

Banking Phishing Malware 138

Tech Republic Security

MAY 23, 2024

Find out how Grandoreiro banking trojan campaigns work and the countries targeted, as well as how to mitigate this malware threat.

Banking 175

Banking Malware Social Engineering Cryptocurrency 175

Krebs on Security

FEBRUARY 28, 2024

But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems. It didn’t dawn on Doug until days later that the missed meeting with Mr. Lee might have been a malware attack. ” Image: SlowMist.

Malware 325

Malware Cryptocurrency Software Phishing 325

Krebs on Security

NOVEMBER 9, 2024

” In a hypothetical example, a scammer uses a hacked government email account to request that a service provider place a hold on a specific bank or crypto account that is allegedly subject to a garnishment order, or party to crime that is globally sanctioned, such as terrorist financing or child exploitation. dot-gov emails get hacked.

Hacking 276

Hacking Accountability Government Social Engineering 276

The Hacker News

NOVEMBER 12, 2021

Threat actors are increasingly banking on the technique of HTML smuggling in phishing campaigns as a means to gain initial access and deploy an array of threats, including banking malware, remote administration trojans (RATs), and ransomware payloads.

Phishing 145

Phishing Malware Banking Ransomware 145

The Hacker News

MAY 19, 2024

The threat actors behind the Windows-based Grandoreiro banking trojan have returned in a global campaign since March 2024 following a law enforcement takedown in January.

Banking 135

Banking Phishing Malware 135

The Hacker News

MARCH 11, 2024

Users in Brazil are the target of a new banking trojan known as CHAVECLOAK that's propagated via phishing emails bearing PDF attachments. This intricate attack involves the PDF downloading a ZIP file and subsequently utilizing DLL side-loading techniques to execute the final malware," Fortinet FortiGuard Labs researcher Cara Lin said.

Banking 135

Banking Phishing Malware 135

Security Affairs

MAY 19, 2024

A new Grandoreiro banking trojan campaign has been ongoing since March 2024, following the disruption by law enforcement in January. IBM X-Force warns of a new Grandoreiro banking trojan campaign that has been ongoing since March 2024. The banking Trojan is likely operated as a Malware-as-a-Service (MaaS).

Banking 133

Banking Malware Antivirus Accountability 133

Heimadal Security

OCTOBER 13, 2022

New research conducted by a Dutch mobile security company recently discovered a network of phishing websites targeting Italian online-banking users to get a hold of their credentials. The post New Android Banking Malware Deployed Using Vishing appeared first on Heimdal Security Blog. How […].

Banking 120

Banking Malware Social Engineering Mobile 120

Malwarebytes

FEBRUARY 27, 2024

For the most popular operating system in the world—which is Android and it isn’t even a contest —there’s a sneaky cyberthreat that can empty out a person’s bank accounts to fill the illicit coffers of cybercriminals. What are Android banking trojans? Take the SharkBot banking trojan, which Malwarebytes detects and stops.

Banking 145

Banking Passwords Accountability Malware 145

Hacker's King

DECEMBER 17, 2024

The cybersecurity world has been abuzz with news of a new Linux variant of FASTCash, a sophisticated malware targeting the banking sector. FASTCash has gained notoriety for its ability to bypass banking security protocols, enabling cybercriminals to withdraw massive amounts of cash from ATMs.

Banking 52

Banking Social Engineering Malware Cyber threats 52

The Hacker News

FEBRUARY 27, 2024

Mexican users have been targeted with tax-themed phishing lures at least since November 2023 to distribute a previously undocumented Windows malware called TimbreStealer.

Phishing 136

Phishing Malware Scams Banking 136

Daniel Miessler

MARCH 10, 2022

The answer is remarkably simple, actually— phishing. A growing percentage of malware packages now include prompts for not only a username and password, but also an MFA code. This means traditional MFA is becoming increasingly useless against phishing in the real world. The answer is yes. Get started with WebAuthn >>.

Authentication 364

Authentication Phishing Passwords Accountability 364

The Hacker News

OCTOBER 12, 2022

Malicious actors are resorting to voice phishing (vishing) tactics to dupe victims into installing Android malware on their devices, new research from ThreatFabric reveals.

Banking 120

Banking Malware Phishing Mobile 120

The Hacker News

DECEMBER 1, 2021

Socially engineered SMS messages are being used to install malware on Android devices as part of a widespread phishing campaign that impersonates the Iranian government and social security services to make away with credit card details and steal funds from victims' bank accounts.

Phishing 143

Phishing Social Engineering Banking Engineering 143

Malwarebytes

NOVEMBER 5, 2024

With access to your email account, a cybercriminal can find a lot of useful information about you, such as where you bank, your account numbers, your favorite shops, and more. Cybercriminals could use your account to spread spam and phishing emails to your contacts.

Accountability 145

Accountability Authentication Malware Banking 145

The Hacker News

NOVEMBER 3, 2024

Cybersecurity researchers have discovered a new version of a well-known Android malware family dubbed FakeCall that employs voice phishing (aka vishing) techniques to trick users into parting with their personal information.

Malware 134

Malware Banking Mobile Phishing 134

Security Affairs

JUNE 18, 2022

Malibot is a new Android malware targeting online banking and cryptocurrency wallet customers in Spain and Italy. F5 Labs researchers spotted a new strain of Android malware, named Malibot, that is targeting online banking and cryptocurrency wallet customers in Spain and Italy. ” concludes the report.

Banking 145

Banking Cryptocurrency Malware Mobile 145

Heimadal Security

JANUARY 4, 2023

Threat actors use data stolen from Columbian bank customers as lures in email phishing attacks. On the bright side, according to researchers, none of the sensitive data exfiltrated from the bank seems to have been spilled on the dark web or […].

Banking 111

Banking Malware Phishing Cybersecurity 111

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 109

Cryptocurrency Hacking Phishing Cyber Attacks 109

Security Affairs

AUGUST 23, 2024

Cybercriminals use progressive web applications (PWA) to impersonate banking apps and steal credentials from mobile users. ESET researchers detailed a phishing campaign against mobile users that uses Progressive Web Applications (PWAs). On Android, these phishing WebAPKs even appear to have been installed from the Google Play store.”

Phishing 132

Phishing Mobile Banking Social Engineering 132

Security Affairs

MAY 27, 2022

A new version of the ERMAC Android banking trojan is able to target an increased number of apps. The ERMAC Android banking trojan version 2.0 ERMAC was first spotted by researchers from Threatfabric in July 2021, it is based on the popular banking trojan Cerberus. A new #Android banker ERMAC 2.0 already has an active campaign.

Banking 145

Banking Malware Cybercrime Phishing 145

Adam Levin

JUNE 12, 2020

and global protests of the killing of George Floyd are being used to spread malware according to the cybersecurity non-profit organization abuse.ch. . The Zurich-based group identified a phishing campaign that capitalizes on the Black Lives Matter movement to distribute malware. Historically, TrickBot is an e-banking trojan.

Malware 167

Malware Banking Phishing Ransomware 167

Penetration Testing

OCTOBER 31, 2024

The zLabs team at Zimperium has issued an alert on a new variant of the FakeCall malware, a vishing (voice phishing) threat that targets mobile banking users through fraudulent phone... The post FakeCall Malware: Sophisticated Vishing Attack Targets Mobile Users in Banking Fraud appeared first on Cybersecurity News.

Banking 94

Banking Mobile Malware Phishing 94

Malwarebytes

FEBRUARY 19, 2025

These findings come from the 2025 State of Malware report. The threat of info stealers Info stealers are a type of malware that do exactly as they saythey steal information from peoples devices. But the variety of information that these pieces of malware can steal makes them particularly dangerous.

Malware 127

Malware Software Passwords Cryptocurrency 127

Security Affairs

SEPTEMBER 12, 2021

A new banking trojan dubbed maxtrilha (due to its encryption key) has been discovered in the last few days and targeting customers of European and South American banks. The new maxtrilha trojan is being disseminated and targeting several banks around the world. Figure 1: High-level diagram of maxtrilha banking trojan.

Banking 145

Banking Malware Internet Internet 145

Krebs on Security

OCTOBER 31, 2023

The top-level domain for the United States — US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. domains as among the most prevalent in phishing attacks over the past year. US phishing domains.

Phishing 326

Phishing Telecommunications Malware Scams 326

Krebs on Security

AUGUST 12, 2018

The FBI said unlimited operations compromise a financial institution or payment card processor with malware to access bank customer card information and exploit network access, enabling large scale theft of funds from ATMs. In both cases, the attackers managed to phish someone working at the Blacksburg, Virginia-based small bank.

Banking 228

Banking Accountability Retail Phishing 228

Approachable Cyber Threats

MARCH 12, 2025

Category Awareness, Social Enginering Risk Level Phishing emails are getting harder to detect. What is phishing, and why is it such a big deal?" Phishing is one of the oldest tricks in the hacker playbook - but its also one of the most effective. Alright, but cant I just spot and delete phishing emails?"

Phishing 52

Phishing Scams Social Engineering Artificial Intelligence 52

Security Affairs

OCTOBER 30, 2024

The latest FakeCall malware version for Android intercepts outgoing bank calls, redirecting them to attackers to steal sensitive info and bank funds. Zimperium researchers spotted a new version of the FakeCall malware for Android that hijacks outgoing victims’ calls and redirects them to the attacker’s phone number.

Banking 98

Banking Malware Accountability Phishing 98

The Hacker News

SEPTEMBER 3, 2024

Mobile users in Brazil are the target of a new malware campaign that delivers a new Android banking trojan named Rocinante. Finally, it can use all this exfiltrated

Banking 117

Banking Mobile Phishing Malware 117

Security Affairs

SEPTEMBER 24, 2023

A new variant of a banking trojan, called BBTok, targets users of over 40 banks in Latin America, particularly Brazil and Mexico. Check Point researchers warn of a new variant of a banking trojan, called BBTok, that is targeting users of over 40 banks in Latin America. The phishing messages include a malicious link.

Banking 138

Banking Phishing Malware Hacking 138

Security Affairs

AUGUST 13, 2024

CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign targeting organizations in the country, including government entities.

Government 138

Government Phishing Malware Banking 138

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Malware 137

Malware Ransomware Banking Healthcare 137