Tag: Fraud

More Complexity to Come The profession of webinject crafting is being reflected in Trojan campaigns against banks. We can only guess whether the resemblance between the webinjects is a result of a cooperation or of both fraudsters buying webinjects from the same third party. Either way, a great deal of fraud business logic is now…

Read More

The Dridex authors frequently release updates such as new functions obfuscation and new configuration encoding to continue evading detection and mitigation techniques of security vendors. They have shifted the focus of their malware from targeting European financial institutions to new banking institutions in the United States. Evidently, the developers of the malware display great proficiency…

Read More

In May 2016, we detected a generic form grabber and IBAN (International Bank Account Number) swap script injection targeting financial institutions across the world. IBAN swapping is a technique fraudsters use to first obtain access to an account, then exchange a legitimate account number with the attacker’s destination mule account number before a funds transfer…

Read More

Recently there have been several reports of a financial malware named TrickBot; this malware's code looks similar to Dyre. Source link lol

Read More

Trickbot, the latest arrival to the banking malware scene and successor to the infamous Dyre botnet, is in constant flux, and its authors are continually adding new targets and functionality. F5 malware researchers have been monitoring Trickbot and have uncovered a new variant that substantially increases the number of German banks being targeted. Trickbot was…

Read More

Malware that steals banking credentials is still one of today’s most lucrative cybercrime schemes. It’s not unusual for a banking Trojan to evolve over the years, and Ramnit is a perfect example. It was active for several years until it was disrupted in early 2015 by Europol working with several tech companies. It resurfaced in…

Read More

One of the weakest links in our cyber defenses is the human factor. The (ISC)2 Cybersecurity Trends Report for 2017 stated that cybersecurity professionals are most concerned about phishing attacks.1 But phishing is just one of many social engineered attacks mediated by technology. Now we are seeing an upswing in virtual kidnapping scams. How the Scam Works…

Read More

Marcher targets focused on European, Australian, and Latin American banks, along with PayPal, eBay, Facebook, WhatsApp, Viber, Gmail, and Yahoo—all in the month of March. Source link lol

Read More

The financial trojan TrickBot has been updating its campaigns and targets since F5 malware researchers started following it in September 2016. This is expected behavior because attackers need to continually update their targets and methods to evade detection. Previously, TrickBot, the successor to Dyre, targeted financial institutions in Europe, Australia, New Zealand, and Canada. TrickBot’s May 2017…

Read More

Figure 6: Targets by Industry Notable Target Drops European banks have continually been a top target of TrickBot, and although there was growth in targets in that region, Europe stands out more in this configuration because Australia and New Zealand targets dropped off, thereby boosting Europe’s portion of the pie. There were no New Zealand…

Read More