Tag: banking
-
Newly Sold Albiriox Android Malware Targets Banks and Crypto Holders
Cleafy analysis reveals Albiriox, a new Android Malware-as-a-Service (MaaS) RAT that targets over 400 global banking and crypto apps. Learn how ODF fraud enables full device takeover. First seen on hackread.com Jump to article: hackread.com/albiriox-android-malware-targets-banks-crypto/
-
GoldFactory Hits Southeast Asia with Modified Banking Apps Driving 11,000+ Infections
Cybercriminals associated with a financially motivated group known as GoldFactory have been observed staging a fresh round of attacks targeting mobile users in Indonesia, Thailand, and Vietnam by impersonating government services. The activity, observed since October 2024, involves distributing modified banking applications that act as a conduit for Android malware, Group-IB said in a technical First…
-
Emerging Android threat ‘Albiriox’ enables full On-Device Fraud
Albiriox is new Android MaaS malware enabling on-device fraud and real-time control. It targets 400+ banking, fintech, crypto, and payment apps. Albiriox is a new Android malware sold under a malware-as-a-service model on Russian-speaking cybercrime forums. It provides advanced capabilities for on-device fraud, screen manipulation, and real-time interaction with infected devices. It also includes a…
-
New Albiriox MaaS Malware Targets 400+ Apps for On-Device Fraud and Screen Control
A new Android malware named Albiriox has been advertised under a malware-as-a-service (MaaS) model to offer a “full spectrum” of features to facilitate on-device fraud (ODF), screen manipulation, and real-time interaction with infected devices. The malware embeds a hard-coded list comprising over 400 applications spanning banking, financial technology, payment processors, cryptocurrency First seen on thehackernews.com Jump…
-
Albiriox Malware Emerges, Targeting Android Users for Full Device Takeover
A dangerous new Android malware called Albiriox has been discovered by security researchers, posing a serious threat to mobile banking and cryptocurrency users worldwide. The malware operates as a Malware-as-a-Service (MaaS), allowing cybercriminals to rent access to this powerful hacking tool for monthly fees ranging from $650 to $720. The Cleafy Threat Intelligence team first identified Albiriox…
-
Sturnus: Android Trojan, Another Dangerous Escalation in Mobile Fraud
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/sturnus-android-banking-trojaner-gefahr-eskalation-mobil-betrug
-
Massive Data Leak: ByteToBreach Offers Stolen Global Airline, Banking, and Government Records
A cybercriminal operating under the alias ByteToBreach has emerged as a prominent figure in the underground data trade, orchestrating a series of high-profile breaches targeting critical sectors worldwide. Active since at least June 2025, ByteToBreach has leveraged a blend of technical proficiency, aggressive self-promotion, and cross-platform operations to become one of the most publicized threat…
-
Developers left large cache of credentials exposed on code generation websites
Tags: ai, api, authentication, banking, credentials, cyber, data, data-breach, email, endpoint, fortinet, government, healthcare, infrastructure, leak, mssp, service, vulnerability, waf, zero-day
/service/getDataFromID API endpoint, watchTowr was able to extract the content behind each link from 80,000+ downloaded submissions, five years of historical JSON Formatter content, one year of historical Code Beautify content, 5GB+ of enriched data, annotated JSON data, plus thousands of secrets. These included: Active Directory credentials, code repository authentication keys, database credentials, LDAP configuration information, cloud environment keys, FTP credentials, CI/CD…
-
Data Leaks: Why Are We So Stupid About Free Online Services?
JSON Code ‘Beautifiers’ Expose Sensitive Data From Banks, Government Agencies. At what price beauty? Apparently, some developers will paste anything into JSON beautify sites; researchers report recovering authentication keys, database credentials, personally identifiable information for banking customers and much more. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/blogs/data-leaks-are-we-so-stupid-about-free-online-services-p-3982
-
Hackers Leveraging WhatsApp to Silently Harvest Logs and Contact Details
Tags: attack, automation, banking, credentials, cyber, exploit, finance, hacker, malware, open-source, phishing
Security researchers at K7 Labs have uncovered a sophisticated phishing campaign targeting Brazilian users that exploits WhatsApp Web to distribute malware and steal sensitive financial information. The attack leverages open-source WhatsApp automation scripts combined with banking trojans, spreading silently through victims’ contacts while harvesting logs, credentials, and personal data. The campaign, identified as part of…
-
Major US Banks Gauge Their Exposure to SitusAMC Breach
JP Morgan Chase, Citi and Morgan Stanley Among Banking Customers Impacted. Major U.S. banks are assessing their exposure to a cybersecurity incident at real estate financial technology company SitusAMC, which disclosed Saturday that a breach may have affected client data. The New York firm uncovered the incident on Nov. 12. First seen on govinfosecurity.com Jump…
-
When the Browser Becomes the Battleground for AI and Last-Mile Attacks
For years we treated the browser as just another application. That era is over. As Vivek Ramachandran points out, the browser has quietly become the new endpoint, and attackers have noticed. Users now live in the browser for work, banking, crypto, entertainment and everything in between. If that’s where the users are, that’s where the…
-
Hackers steal sensitive data from major banking industry vendor
The incident highlights how supply-chain compromises threaten even well-defended industries. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/bank-vendor-cyberattack-supply-chain/806293/
-
US banks scramble to assess data theft after hackers breach financial tech firm
U.S. banking giants including JPMorgan Chase, Citi, and Morgan Stanley are working to identify what data was stolen in a recent cyberattack on a New York financial firm. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/24/us-banks-scramble-to-assess-data-theft-after-hackers-breach-financial-tech-firm/
-
Cybersecurity Snapshot: Global Agencies Target Criminal “Bulletproof” Hosts, as CSA Unveils Agentic AI Risk Framework
Tags: access, advisory, ai, android, apple, attack, banking, breach, browser, chrome, cisa, ciso, cloud, compliance, control, credentials, credit-card, crypto, cve, cyber, cybercrime, cybersecurity, data, defense, detection, endpoint, extortion, finance, firewall, firmware, flaw, framework, google, governance, government, group, guide, Hardware, ibm, identity, infection, infrastructure, international, Internet, law, linux, malicious, malware, microsoft, mobile, monitoring, network, open-source, oracle, password, phishing, radius, ransomware, rat, resilience, risk, risk-assessment, risk-management, russia, scam, service, software, switch, technology, threat, tool, update, vulnerability, windows
Cyber agencies call on ISPs to help combat “bulletproof” internet hosts that shield cybercriminals. Meanwhile, the CSA introduced a new methodology to assess the risks of autonomous AI. Plus, get the latest on the CIS Benchmarks, drone-detection systems, and malware infections. Key takeaways: Crackdown on “bulletproof” hosting: International cyber agencies are urging ISPs and network…
-
New Sturnus Android Malware Reads WhatsApp, Telegram, Signal Chats via Accessibility Abuse
Sturnus, an advanced Android banking trojan, has been discovered by ThreatFabric. Learn how this malware bypasses end-to-end encryption on Signal and WhatsApp, steals bank credentials using fake screens, and executes fraudulent transactions. First seen on hackread.com Jump to article: hackread.com/sturnus-android-malware-whatsapp-telegram-signal-chats/
-
UNC2891 Hackers Use Raspberry Pi and Fake Cards to Steal ATM Cash
A secretive cybercrime group called UNC2891 has been quietly draining ATMs across Southeast Asian banks for years, using an ingenious combination of custom malware and hidden hardware. Recent research from Group-IB reveals how this financially motivated threat actor has maintained invisible access to dozens of banking systems since 2017, employing techniques that blend digital hacking…
-
Sturnus: New Android banking trojan targets WhatsApp, Telegram, and Signal
The Android trojan Sturnus targets communications from secure messaging apps like WhatsApp, Telegram and Signal. Sturnus is a new Android banking trojan with full device-takeover abilities. It bypasses encrypted messaging by capturing on-screen content and can steal banking credentials, remotely control the device, and hide fraudulent actions from the user. ThreatFabric analysis shows Sturnus malware…
-
Sturnus Malware Hijacks Signal and WhatsApp, Taking Full Device Control
MTI Security researchers have uncovered a new, particularly advanced Android banking trojan, dubbed Sturnus, that targets users’ financial and personal data with an unprecedented level of device control and operational stealth. Distinct from conventional mobile malware, Sturnus not only supports the typical arsenal of credential theft and whole device takeover but also demonstrates the ability…
-
Scam USPS and E-Z Pass Texts and Websites
Tags: banking, credit-card, cybercrime, google, government, group, password, phishing, scam, software, tool
Google has filed a complaint in court that details the scam: In a complaint filed Wednesday, the tech giant accused “a cybercriminal group in China” of selling “phishing for dummies” kits. The kits help unsavvy fraudsters easily “execute a large-scale phishing campaign,” tricking hordes of unsuspecting people into “disclosing sensitive information like passwords, credit card…
-
WhatsApp ‘Eternidade’ Trojan Self-Propagates Through Brazil
The infostealer specifically targets Brazilian Portuguese speakers and combines malware designed to phish banking credentials and steal data, a worm, and some uniquely Brazilian quirks. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/whatsapp-eternidade-trojan-self-propagates-brazil
-
New Eternidade Stealer Uses WhatsApp to Steal Banking Data
Trustwave SpiderLabs warns of Eternidade Stealer, a new banking trojan spreading via personalised WhatsApp messages. Find out how this malicious software bypasses security checks and deploys fake login screens for major banks and wallets. First seen on hackread.com Jump to article: hackread.com/eternidade-stealer-whatsapp-steal-banking-data/

