North of 1,000 samples of the Godfather mobile banking Trojan are circulating in dozens of countries worldwide, targeting hundreds of banking apps. First discovered in 2022, Godfather — which can record screens and keystrokes, intercepts two-factor authentication (2FA) calls and texts, initiates bank transfers, and more — has quickly become one of the most widespread […]
Apr 18, 2024NewsroomMobile Security / Malware A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the manifest extraction and parsing procedure. The malware is “notable for an unconventional approach to evading analysis and detection, namely obfuscation of the Android manifest,” Kaspersky researcher Dmitry […]
The banking trojan known as Mispadu has expanded its focus beyond Latin America (LATAM) and Spanish-speaking individuals to target users in Italy, Poland, and Sweden. Targets of the ongoing campaign include entities spanning finance, services, motor vehicle manufacturing, law firms, and commercial facilities, according to Morphisec. “Despite the geographic expansion, Mexico remains the primary target,” […]
The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with a mobile device and harvest sensitive data. “Vultur has also started masquerading more of its malicious activity by encrypting its C2 communication, using multiple encrypted payloads […]
Users in Brazil are the target of a new banking trojan known as CHAVECLOAK that’s propagated via phishing emails bearing PDF attachments. “This intricate attack involves the PDF downloading a ZIP file and subsequently utilizing DLL side-loading techniques to execute the final malware,” Fortinet FortiGuard Labs researcher Cara Lin said. The attack chain involves the […]
Recent discussion around an emerging information-stealing trojan project reinforces the continual need to track intelligence on capabilities adversaries rely on for the collection of sensitive information from victims. In today’s blog InQuest analysts share information that has been publicly documented recently about the newer threat named Planet Stealer, recently offered for sale in underground forums. […]
Watch out for the new CHAVECLOAK banking Trojan as it spreads its infection through SMS phishing (SMishing), phishing emails, and compromised websites. Cybersecurity researchers at FortiGuard Labs have discovered a high-severity Trojan, dubbed CHAVECLOAK, targeting Brazilian banking users. The malware targets Windows devices and accesses online banking platforms, stealing their banking credentials and financial information. […]
Cybercrime , Endpoint Detection & Response (EDR) , Fraud Management & Cybercrime Qakbot Wouldn’t Be the First Trojan to Come Back After a Takedown Akshaya Asokan (asokan_akshaya) • February 13, 2024 Security researchers are seeing new examples of Qakbot malware. (Image: Shutterstock) Takedowns aren’t always forever in cyberspace. Months after a U.S. law […]
Researchers have discovered a novel banking Trojan they dubbed “Coyote,” which is hunting for credentials for 61 different online banking applications. “Coyote,” detailed by Kaspersky in an analysis today, is notable both for its broad targeting of banking-sector apps (the majority, for now, in Brazil), and its sophisticated interweaving of different rudimentary and advanced components: […]