banking

Pierluigi Paganini November 29, 2020
Crooks stole 800,000€ from ATMs in Italy with Black Box attack

A cyber criminal organization has stolen money from at least 35 Italian ATMs with a black box attack technique. A criminal organization has stolen money from at least 35 ATMs and Post Office cash dispensers operated by Italian banks with a new black box attack technique. The Carabinieri of Monza dismantled by the gang, the […]

Pierluigi Paganini September 24, 2020
Alien Android banking Trojan, the powerful successor of the Cerberus malware

Security researchers spotted a new strain of Android malware, dubbed Alien, that implements multiple features allowing it to steal credentials from 226 apps. Researchers from ThreatFabric have discovered and analyzed a new strain of Android malware, tracked as Alien, that implements multiple features allowing it to steal credentials from 226 applications. Alien first appeared in […]

Pierluigi Paganini August 29, 2020
North Korea-linked APT group BeagleBoyz targets banks

North Korea-linked APT group BeagleBoyz intensified its operations since February, US CISA, Department of the Treasury, FBI, and USCYBERCOM warn. According to a joint advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury, the Federal Bureau of Investigation (FBI), and U.S. Cyber Command (USCYBERCOM) North Korea-linked APT group BeagleBoyz […]

Pierluigi Paganini August 22, 2020
ATM vendors Diebold and NCR fixed deposit forgery bugs

The ATM manufacturer giants, Diebold Nixdorf and NCR, have released software updates to fix a flaw that could have been exploited for ‘deposit forgery’ attacks The ATM manufacturers Diebold Nixdorf and NCR have addressed a bug that could have been exploited for ‘deposit forgery’ attacks The flaws that could have allowed crooks to modify the […]

Pierluigi Paganini July 19, 2020
Diebold Nixdorf warns of a wave of ATM black box attacks across Europe

ATM maker Diebold Nixdorf is warning banks a new ATM black box attack technique that was recently employed in cyber thefts in Europe. Black box attacks are a type of jackpotting attack aimed at forcing an ATM to dispense the cash by sending a command through a “black box” device. In this attack, a black box […]

Pierluigi Paganini July 08, 2020
Malicious app in Google Play used to deliver Cerberus Banking Trojan

Experts found a tainted app in the Google Play store that was downloaded by more than 10,000 users and that was delivering the Cerberus banking Trojan. Researchers from AVAST have discovered a currency converter application in the Google Play store that was downloaded by more than 10,000 users and that was designed to deliver the […]

Pierluigi Paganini June 22, 2020
A new variant of the IcedID banking Trojan spreads using COVID-19 lures

Experts spotted a new version of the IcedID banking trojan that uses steganography to infect victims as part of COVID-19 themed attacks. A new version of the IcedID banking trojan was employed in COVID-19 themed attacks, the new variant uses steganography to infect victims and implements anti-detection capabilities. Researchers at Juniper Threat Labs have spotted […]

Pierluigi Paganini June 18, 2020
An ongoing Qbot campaign targeted customers of tens of US banks

Researchers uncovered an ongoing campaign delivering the Qbot malware to steal credentials from customers of dozens of US financial institutions. Security researchers at F5 Labs have spotted ongoing attacks using Qbot malware payloads to steal credentials from customers of dozens of US financial institutions. Qbot, aka Qakbot, is a data stealer worm with backdoor capabilities that […]

Pierluigi Paganini May 12, 2020
Zeus Sphinx continues to be used in Coronavirus-themed attacks

The Zeus Sphinx banking Trojan continues to evolve while receiving new updates it is employed in ongoing coronavirus-themed scams.  IBM security researcher continues to monitor the evolution of the infamous Zeus Sphinx banking Trojan (aka Zloader or Terdot) that receives frequent updates and that was involved in active coronavirus scams.  The Zeus Sphinx banking Trojan is based […]

Pierluigi Paganini May 07, 2020
Brazilian trojan banker is targeting Portuguese users using browser overlay

Since the end of April 2020, a new trojan has been affecting Portuguese users from several bank organizations. The modus operandi of this piece of malware is not new in Portugal. At least since the year of 2014 that new variants have been observed, with minor changes, and with the objective of collecting bank details […]