trojan

  1. Tomcat

    NiceRAT: "Remove your antivirus so that it doesn't interfere with our Trojan"

    A new trick by cybercriminals is both insidious and resourceful. Attackers are actively using malware called NiceRAT to create a botnet from infected devices. These attacks target users from South Korea and are distributed through local file sharing sites and blogs under the guise of...
  2. Tomcat

    ValleyRAT: a werewolf Trojan. How does it infect computers?

    A multi-stage attack process helps to bypass the protection of antivirus and EDR systems. Cybersecurity researchers have discovered an updated version of the ValleyRAT malware distributed as part of a new malware campaign. "The latest version of ValleyRAT introduces new commands such as...
  3. Tomcat

    New banking Trojan Coper targets users in Colombia

    Doctor Web warns about the emergence of a new family of banking Trojans for Android devices, called Android.BankBot.Coper. Malware of this family has a modular architecture and a multi-stage infection mechanism, as well as a set of defensive techniques that help them resist removal. All this...
  4. Tomcat

    Hesperbot banking trojan – detailed analysis

    We have already written about Hesperbot; this threat is a new banking malware and has a modular architecture. Attackers used it to carry out attacks on users in various countries, including Turkey, the Czech Republic, Portugal and the UK. The main goal of the attacks was to steal confidential...
  5. Tomcat

    Hesperbot – new banking Trojan discovered in-the-wild

    In mid-August, we discovered a malware distribution campaign that was targeting the Czech Republic. It came to our attention because the malware files were distributed through URLs that closely resembled those of the Czech Postal Department. Further analysis of the files showed that we are...
  6. Tomcat

    Metel banking Trojan – APT attacks on banks

    VIRUS IDENTIFICATION Type of virus: targeted attack of increased complexity, Trojan program, malware. What is Metel? Metel is a banking Trojan (also known as Corkow) that was discovered in 2011. Then it was used to attack users of online banking systems. In 2015, the Metel group began to attack...
  7. Tomcat

    ATMs on Windows are attacked by the FiXS ripper Trojan

    Metabase Q experts have discovered a new malware designed to steal cash from ATMs running Windows. How infection occurs has not been established, but most likely it requires physical access to the device. An analysis of the sample carried out by the cybersecurity company showed that the Trojan...
  8. Tomcat

    A smart banking Trojan allows you to withdraw almost unlimited amounts of money from ATMs

    Kaspersky Lab has discovered and analyzed interesting malware that targets banks and banking networks. This is a whole software package consisting of about 30 different modules that can remain in the banking network undetected for a long time. The Metel system is called (there is also another...
  9. Tomcat

    AllaSenha Trojan: a new wave of attacks on Brazil's banking systems

    Details of the attack and methods of operation of the new banking Trojan. Brazilian banking institutions have become the target of a new campaign to distribute a special version of the remote access Trojan AllaKore for Windows called AllaSenha. The RAT Trojan is designed to steal credentials...
  10. Tomcat

    New tactics of the old Android Trojan

    One day you want to sell something on Avito and, having posted a detailed description of your product (for example, a RAM module), you will receive this message. Once you open the link, you will see a seemingly innocuous page notifying you, the happy and successful seller, that a purchase has...
  11. Father

    Antidot: New Banking Trojan pretends to be Google Play Updates

    Also aimed at Russian-speaking users, the malware uses advanced methods to disguise itself and lull vigilance. Researchers at discovered a new banking Trojan that targets Android devices. Sophisticated malware has many dangerous features, including overlay attacks, keylogging, and masking techniques...
  12. Father

    Grandoreiro and 100 MB of fraud: pumped Trojan attacks banks around the world via Outlook

    This time the malware went far beyond Latin America… The hacker group behind the Grandoreiro banking Trojan for Windows has resumed its global campaign since March 2024, following a law enforcement operation to dismantle its infrastructure in January. According to IBM X-Force, large-scale...
  13. Father

    The "most advanced" Trojan found, affecting Windows, Mac OS X, Linux, iOS and Android

    Kaspersky Lab has announced the discovery of the "most advanced" cyber espionage network, named Careto (from the Spanish word harya, erysipelas). In Russian, the network and its associated Trojan are called "Mask", in English - The Mask. The researchers gave the name Careto to the Trojan after...
  14. Father

    ZLoader malware evolves with an anti-analysis trick from the Zeus banking Trojan

    The authors of the updated ZLoader malware have added a feature that was originally present in the Zeus banking trojan on which it is based, indicating that it is under active development. "The latest version, 2.4.1.0, adds a feature to prevent execution on machines other than the original...
  15. Father

    Banking Android Trojan Godfather is not interested in Russian users

    Godfather is back. The Android Trojan attacks clients of banks, cryptocurrency exchanges, and e-wallets. It is distributed through the official Google Play Store under the guise of legal crypto applications. Interestingly, the Trojan bypasses users from Russia and the CIS. The geography of...
  16. Father

    Kaolin RAT: North Korean hackers hide their new Trojan in job openings

    The "Dream Job" operation does not slow down, using a long chain to hide the infection. Lazarus Group, a prominent hacker group traditionally associated with North Korea, used tempting job offers to deliver a new remote access trojan (RAT) called Kaolin RAT as part of attacks targeting specific...
  17. Father

    New Trojan Brokewell turns Android smartphone into surveillance tool

    How Google Chrome updates help you remotely control a victim's phone. ThreatFabric has identified a new malicious application called Brokewell that can record every action on your device, from tapping to typing and launching apps. The Trojan is distributed via a fake Google Chrome update in the...
  18. Father

    SoumniBot: Banking Trojan that turned Android features against its users

    Clever disguise allows the malware to permanently register on infected devices. A new type of banking malware for Android, dubbed "SoumniBot", uses an unusual method of obfuscation, exploiting vulnerabilities in the process of extracting and analyzing the Android manifest. This allows them to...
  19. Teacher

    AZORult Trojan turns Google Docs into a hotbed of viruses

    AZORult adapts to modern defenses with a clever campaign. Netskope Threat Labs has revealed a new campaign that uses Google Sites phishing pages to distribute the AZORult infostealer. The phishing campaign is not yet associated with any specific attacker or group, but is aimed at collecting...
  20. Teacher

    Fake domains as a weapon: the survivable BIFROSE Trojan made its way into Linux systems

    Researchers talk about new features of the old cyber threat. Researchers from Palo Alto Networks have discovered a new variant of the well-known remote access Trojan BIFROSE (also known as Bifrost). The updated version is adapted for attacks on Linux systems. Its distinctive feature is the...