Security Affairs

JANUARY 20, 2025

Researchers linked the threat actor DoNot Teamto a new Android malware that was employed in highly targeted cyber attacks. CYFIRMA researchers linked a recently discovered Android malware to the Indian APT group known as DoNot Team. In this case, the group is leveraging OneSignal to deliver phishing links through notifications.

Malware 114

Malware Cyber Attacks Mobile Phishing 114

Security Affairs

OCTOBER 30, 2024

The latest FakeCall malware version for Android intercepts outgoing bank calls, redirecting them to attackers to steal sensitive info and bank funds. Zimperium researchers spotted a new version of the FakeCall malware for Android that hijacks outgoing victims’ calls and redirects them to the attacker’s phone number.

Banking 131

Banking Malware Accountability Phishing 131

Krebs on Security

NOVEMBER 16, 2022

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. com — which was created to phish U.S.

Malware 332

Malware Banking Phishing DDOS 332

Krebs on Security

NOVEMBER 5, 2024

Department of Justice (DOJ) for a 2021 breach at T-Mobile that exposed the personal information of at least 76.6 However, it is unclear if Binns faces any immediate threat of extradition to the United States, where he is currently wanted on criminal hacking charges tied to the 2021 breach at T-Mobile. million customers.

Cybercrime 277

Cybercrime Mobile Media Hacking 277

Security Affairs

AUGUST 23, 2024

Cybercriminals use progressive web applications (PWA) to impersonate banking apps and steal credentials from mobile users. ESET researchers detailed a phishing campaign against mobile users that uses Progressive Web Applications (PWAs). SMS campaigns sent phishing links indiscriminately to Czech phone numbers.

Phishing 132

Phishing Mobile Banking Social Engineering 132

The Last Watchdog

DECEMBER 20, 2021

Related: Using mobile apps to radicalize youth. Malware, including ransomware, is a fast-growing criminal market. Spear phishing gatewa y. The joint threat advisory mentions “spear phishing” as a gateway through which malware can be launched. East Coast for six days. Protecting critical infrastructure.

Malware 256

Malware Phishing Technology Ransomware 256

Security Affairs

MARCH 30, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Microsoft Trusted Signing service abused to code-sign malware Shedding light on the ABYSSWORKER driver VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware New Android Malware Campaigns Evading (..)

Malware 64

Malware Ransomware Threat Detection Mobile 64

SecureList

MARCH 25, 2025

Note that for mobile banking malware, we retrospectively revised the 2023 numbers to provide more accurate statistics. We also changed the methodology for PC banking malware by removing obsolete families that no longer use Trojan banker functionality, hence the sharp drop in numbers against 2023. of all mobile banker attacks.

Phishing 74

Phishing Banking Scams Mobile 74

The Last Watchdog

AUGUST 19, 2021

At the start of this week, word got out that hackers claimed to have seized personal data for as many as 100 million T-Mobile patrons. According to the attackers, this was a configuration issue on an access point T-Mobile used for testing. T-Mobile left a gate left wide open for attackers – and attackers just had to find the gate.”.

Mobile 235

Mobile Data breaches Authentication Accountability 235

Malwarebytes

APRIL 3, 2025

Recently weve been seeing quite a few phishing campaigns using QR codes in email attachments. The lure and the targets are varied, but the use of a QR code to get someone to visit the phishing site is fast becoming a preferred method for cybercriminals. DocuSign , Adobe), which increases the perceived legitimacy of the phish.

Phishing 105

Phishing Banking Mobile Accountability 105

Security Affairs

NOVEMBER 25, 2024

.” An SMS blaster attack is a cyberattack where a large number of malicious or fraudulent SMS messages are sent to mobile devices within a specific area or to a targeted group. SMS blaster attacks can exploit vulnerabilities in mobile networks and typically require proximity to the targeted devices for localized attacks.

Mobile 123

Mobile Scams Technology Telecommunications 123

Daniel Miessler

MARCH 10, 2022

The answer is remarkably simple, actually— phishing. A growing percentage of malware packages now include prompts for not only a username and password, but also an MFA code. This means traditional MFA is becoming increasingly useless against phishing in the real world. The answer is yes.

Authentication 364

Authentication Phishing Passwords Accountability 364

Krebs on Security

FEBRUARY 26, 2023

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee.

Hacking 327

Hacking Social Engineering Phishing Scams 327

Penetration Testing

OCTOBER 31, 2024

The zLabs team at Zimperium has issued an alert on a new variant of the FakeCall malware, a vishing (voice phishing) threat that targets mobile banking users through fraudulent phone... The post FakeCall Malware: Sophisticated Vishing Attack Targets Mobile Users in Banking Fraud appeared first on Cybersecurity News.

Banking 96

Banking Mobile Malware Phishing 96

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 109

Cryptocurrency Hacking Phishing Cyber Attacks 109

The Hacker News

NOVEMBER 3, 2024

Cybersecurity researchers have discovered a new version of a well-known Android malware family dubbed FakeCall that employs voice phishing (aka vishing) techniques to trick users into parting with their personal information.

Malware 140

Malware Banking Mobile Phishing 140

Tech Republic Security

APRIL 17, 2023

New cloud-focused credential harvester available on encrypted messaging service Telegram is part of a trend of Python scrapers making it easier to bait multiple phishing hooks. The post Credential harvesting malware appears on deep web appeared first on TechRepublic.

Malware 180

Malware Phishing Encryption Mobile 180

Krebs on Security

MARCH 11, 2022

As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians.

DNS 331

DNS Internet Internet Phishing 331

Malwarebytes

FEBRUARY 25, 2025

Sometimes malware creators manage to get their apps listed in the official app store. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device cant be phished. If you can, use a FIDO2-compliant hardware key, laptop or phone as your second factor.

Passwords 144

Passwords Password Management Phishing Authentication 144

SecureWorld News

FEBRUARY 15, 2024

A sophisticated form of mobile malware dubbed "GoldPickaxe" has been uncovered, which collects facial recognition data to produce deepfake videos, enabling hackers to bypass biometric authentication protections on banking apps. The malware has been active since 2023, specifically targeting victims in Vietnam and Thailand.

Social Engineering 103

Social Engineering Mobile Authentication Engineering 103

Security Affairs

MARCH 21, 2025

Representatives of the Security Service of Ukraine and the General Staff of the Armed Forces of Ukraine warned that Russia-linked threat actors are actively using Telegram for cyberattacks, spreading phishing and malware, geolocating users, adjusting missile strikes, etc. continues the announcement.

Government 144

Government Surveillance Mobile Hacking 144

Graham Cluley

DECEMBER 2, 2021

Finland’s National Cyber Security Centre has issued a warning about malicious SMS messages that have been spammed out to mobile users, directing iPhone owners to phishing sites and Android users to download malware. Read more in my article on the Tripwire State of Security blog.

Malware 139

Malware Phishing Mobile 139

SecureWorld News

DECEMBER 10, 2024

Zimperium's zLabs team has uncovered a dangerous new variant of the Antidot banking trojan, dubbed AppLite, that is targeting Android devices through sophisticated mobile phishing (mishing) campaigns. These apps act as droppers, silently installing the AppLite trojan.

Mobile 108

Mobile Social Engineering Banking Phishing 108

The Hacker News

JUNE 18, 2024

The Singapore Police Force (SPF) has announced the extradition of two men from Malaysia for their alleged involvement in a mobile malware campaign targeting citizens in the country since June 2023.

Malware 132

Malware Scams Mobile Phishing 132

The Last Watchdog

NOVEMBER 6, 2023

QR code phishing attacks started landing in inboxes around the world about six months ago. Related: ‘BEC’ bilking on the rise These attacks prompt the target to scan a QR code and trick them into downloading malware or sharing sensitive information.

Phishing 202

Phishing Scams Education Malware 202

CyberSecurity Insiders

DECEMBER 3, 2021

All you populace out in UK, please be aware that some online fraudsters are launching phishing email attacks in the name of NHS distributing free PCR testing kits to detect the latest Omicron Corona Virus variant. According to the data privacy group of UK, the phishing campaign is spreading in two email forms.

Cyber Attacks 139

Cyber Attacks Phishing Identity Theft Data privacy 139

Security Affairs

DECEMBER 12, 2024

These are the first known mobile malware families linked to the Russian APT. The cyberespionage group is behind a long series of spear-phishing attacks targeting Ukrainian entities, and organizations related to Ukrainian affairs, since October 2021. Armageddon , Primitive Bear, and ACTINIUM).

Mobile 98

Mobile Malware Surveillance Social Engineering 98

eSecurity Planet

OCTOBER 4, 2022

Malicious programs or malware are common and dangerous threats in the digital space for both individual users and organizations alike. German IT-Security Institute AV-TEST has recorded over 1 billion malicious programs as of this writing, with over 450,000 new instances of malware being recorded every day. Malvertising.

Malware 126

Malware Phishing Ransomware Mobile 126

SecureList

MAY 6, 2024

A significant share of scam, phishing and malware attacks is about money. Methodology In this report, we present an analysis of financial cyberthreats in 2023, focusing on banking Trojans and phishing pages that target online banking, shopping accounts, cryptocurrency wallets and other financial assets. million in 2022.

Phishing 134

Phishing Banking Mobile Scams 134

SecureList

DECEMBER 17, 2024

The attackers would then send what appeared to be the photo itself but was actually a malware installer. In reality, this was malware with no parcel-tracking functionality whatsoever. The link directed users to a phishing site offering to download Mamont for Android ( 12936056e8895e6a662731c798b27333 ).

Scams 93

Scams Malware Social Engineering Banking 93

Malwarebytes

DECEMBER 5, 2024

Volt Typhoon made headlines earlier this year when the FBI removed their malware from hundreds of routers across the US. Among the culprits are four major APT groups: Volt Typhoon, Salt Typhoon, Flax Typhoon, and Velvet Ant.

Encryption 141

Encryption Identity Theft Media Telecommunications 141

Heimadal Security

OCTOBER 13, 2022

New research conducted by a Dutch mobile security company recently discovered a network of phishing websites targeting Italian online-banking users to get a hold of their credentials. The post New Android Banking Malware Deployed Using Vishing appeared first on Heimdal Security Blog. How […].

Banking 124

Banking Malware Social Engineering Mobile 124

Security Affairs

OCTOBER 18, 2023

Leaked private data can be used to create phishing campaigns and pose a threat to the company’s customers, potentially putting them at risk of “doxxing” and “swatting.” IMEI is a unique number assigned to each mobile device and is used to identify a device on a mobile network.

Mobile 135

Mobile Phishing Manufacturing Risk 135

The Hacker News

OCTOBER 12, 2022

Malicious actors are resorting to voice phishing (vishing) tactics to dupe victims into installing Android malware on their devices, new research from ThreatFabric reveals.

Banking 119

Banking Malware Phishing Mobile 119

Security Boulevard

DECEMBER 10, 2024

Our zLabs team has identified an extremely sophisticated mishing (mobile-targeted phishing) campaign that delivers malware to the users Android mobile device enabling a broad set of malicious actions including credential theft of banking, cryptocurrency and other critical applications.

Mobile 90

Mobile Cryptocurrency Banking Phishing 90

Tech Republic Security

NOVEMBER 22, 2023

Phishing, infostealer malware, ransomware, supply chain attacks, data breaches and crypto-related attacks are among the top evolving threats in the financial sector, says Sekoia.

Cyber threats 211

Cyber threats Data breaches Phishing Ransomware 211

eSecurity Planet

OCTOBER 24, 2023

Malware attacks pose a significant risk to both individuals and businesses, infiltrating computer systems, compromising sensitive data and disrupting operations, leading to financial and data loss — and even extortion. Here are 15 important controls and best practices for preventing malware.

Malware 124

Malware Antivirus Software Passwords 124