Collecting Cyber-News from over 60 sources

Tag: banking

Cryptohack Roundup: Banking Trojan Targets Crypto Firms

May 14, 2026 8:00 PM

Tags: banking, crypto, service, theft

Also: Indictments in Theft Case, KelpDAO Restarts Operations. This week, banking Trojan TCLBanker targeted crypto platforms, three people indicted in a violent digital assets-related robbery, Kelp DAO restarted services after the $292 million hack and the U.S. Department of the Treasury tightened oversight of Binance. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cryptohack-roundup-banking-trojan-targets-crypto-firms-a-31683
Android 17 to expand banking scam call and privacy protections

May 12, 2026 8:19 PM

Tags: android, banking, detection, privacy, scam, theft, threat

Android 17, expected to roll out next month, will introduce several security and privacy features focused on device theft, threat detection, and banking scam calls. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/android-17-to-expand-banking-scam-call-and-privacy-protections/
New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots

May 12, 2026 4:20 PM

Tags: android, banking, control, crypto, cybersecurity, network

Cybersecurity researchers have flagged a new version of the TrickMo Android banking trojan that uses The Open Network (TON) for command-and-control (C2).The new variant, observed by ThreatFabric between January and February 2026, has been observed actively targeting banking and cryptocurrency wallet users in France, Italy, and Austria.”TrickMo relies on a runtime-loaded APK (dex.module), First seen…
Android banking Trojan TrickMo evolves using TON network for C2

May 12, 2026 10:19 AM

Tags: android, banking, control, malware, network

ThreatFabric found a new TrickMo Android trojan focused on stealth and persistence, moving its command-and-control traffic to the TON network. Security researchers at ThreatFabric have recently identified a new version of TrickMo, a dangerous Android banking trojan that shows how malware operators are focusing less on flashy new features and more on improving stealth, flexibility,…
TrickMo Android Malware Targets Banking, Wallet, and Authenticator Apps

May 12, 2026 8:18 AM

Tags: android, banking, cyber, fintech, malware, network

TrickMo, the Android banking malware, has resurfaced with a significantly redesigned architecture, targeting banking, fintech, wallet, and authenticator applications while introducing advanced stealth and network capabilities. Rather than introducing entirely new user-facing functionality, the latest TrickMo variant focuses on backend improvements. The malware retains its core device takeover (DTO) capabilities but enhances stealth, persistence, and…
TrickMo Variant Routes Android Trojan Traffic Through TON

May 11, 2026 6:18 PM

Tags: android, banking, network

ThreatFabric finds new TrickMo Android banking trojan variant routing C2 through The Open Network First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/trickmo-c-ton-network-android/
TrickMo Android banker adopts TON blockchain for covert comms

May 11, 2026 5:20 PM

Tags: android, banking, blockchain, control, malware, network

A new variant of the TrickMo Android banking malware, delivered in campaigns targeting users across Europe, introduces new commands and uses The Open Network (TON) for stealthy command-and-control communications. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/trickmo-android-banker-adopts-ton-blockchain-for-covert-comms/
New TCLBanker malware self-spreads over WhatsApp and Outlook

May 8, 2026 12:48 AM

Tags: ai, banking, crypto, fintech, malware

A new trojan named TCLBanker, which targets 59 banking, fintech, and cryptocurrency platforms, uses a trojanized MSI installer for Logitech AI Prompt Builder to infect systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-tclbanker-malware-self-spreads-over-whatsapp-and-outlook/
UK Finance Sector Puts Cyber Defences to the Test in National Hackathon

May 6, 2026 6:48 PM

Tags: banking, cyber, cybersecurity, finance, fintech, group, infrastructure, technology

Over the course of two days (April 27-28), banks, fintech companies, technology providers, and regulators from across the UK financial ecosystem came together for a cybersecurity competition designed to test real-world readiness, decision-making under pressure, and the ability to defend critical financial infrastructure against sophisticated attacks. Hosted by Lloyds Banking Group, Hack The Box, and…
How Mythos Signals Cybersecurity Disruption

May 4, 2026 9:48 PM

Tags: access, ai, attack, banking, browser, business, cybersecurity, data, exploit, finance, government, hacker, healthcare, infrastructure, microsoft, open-source, risk, software, technology, tool, update, vulnerability, zero-day

What is Mythos Mythos is Anthropic’s latest AI model, and it is stirring up a tornado of concern in cybersecurity circles. Even before its release, Mythos discovered thousands of new sensitive vulnerabilities in commercial and open-source software, including all major operating systems and web browsers. One was in existence for over 27 years without the industry…
Your work apps are quietly handing 19 data points to someone

May 4, 2026 6:48 AM

Tags: banking, data, mobile, office, phone

Office work in 2026 runs through a stack of mobile apps that sit on the same phones people use for banking, messaging family, and tracking their location. Ten of the most … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/04/workplace-apps-data-collection-privacy/
Human-centric failures: Why BEC continues to work despite MFA

May 1, 2026 12:46 PM

Tags: attack, authentication, awareness, banking, breach, business, cio, communications, compliance, control, credentials, cyber, cybersecurity, deep-fake, edr, email, endpoint, exploit, finance, fraud, governance, group, identity, mfa, monitoring, phishing, risk, scam, soc, social-engineering, technology, training

technically compromised at all, which places these attacks outside the protection boundary of MFA controls.In 2019, Toyota Boshoku Corporation fell to a BEC attack with an employee transferring over $30m to scammers following a cloned email from a 3rd party company with urgency citing the need for the transaction to be completed urgently so as…
Bank regulator sounds warning over cybersecurity threat posed by AI models

May 1, 2026 5:39 AM

Tags: access, ai, api, attack, banking, cloud, cyber, cyberattack, cybersecurity, defense, finance, flaw, germany, government, penetration-testing, service, supply-chain, technology, threat, vulnerability

Accessing Mythos: It’s barely three weeks since Anthropic made Claude Mythos public on April 7 and it’s hard to recall a development that’s caused as much cybersecurity alarm in such a short space of time.Earlier this week, Michael Theurer, the chief supervisor of Bundesbank, Germany’s financial regulator, echoed APRA’s concern, telling Reuters that European banks…
Bad Bots in the Agentic Age: What the 2026 Thales Bad Bot Report Reveals

Apr 30, 2026 10:39 AM

Tags: ai, api, application-security, attack, automation, banking, business, container, control, crime, cyber, cybercrime, data, defense, detection, exploit, finance, fraud, identity, infrastructure, intelligence, Internet, LLM, malicious, monitoring, resilience, risk, service, threat, tool, vulnerability

Bad Bots in the Agentic Age: What the 2026 Thales Bad Bot Report Reveals josh.pearson@t“¦ Thu, 04/30/2026 – 07:31 The modern internet is becoming less human by the day. Bot traffic is increasing, and human traffic is shrinking. Malicious automated traffic is getting harder to spot. The Thales 2026 Bad Bot Report, now in it’s…
Minnesota’s CISOs: Homegrown Talent Securing Finance, Insurance, and Beyond

Apr 29, 2026 8:39 AM

Tags: banking, ciso, finance, insurance, service, technology

Minnesota has produced a quietly strong CISO community, particularly in financial services and insurance. The leaders in this feature are based in the Twin Cities metro or built the core of their careers there, and their work spans credit unions, community banking, wealth management, payment technology, title insurance, and one of the most consequential public…The…
Minnesota’s CISOs: Homegrown Talent Securing Finance, Insurance, and Beyond

Apr 29, 2026 8:39 AM

Tags: banking, ciso, finance, insurance, service, technology

Minnesota has produced a quietly strong CISO community, particularly in financial services and insurance. The leaders in this feature are based in the Twin Cities metro or built the core of their careers there, and their work spans credit unions, community banking, wealth management, payment technology, title insurance, and one of the most consequential public…The…
Fake KYC Android Malware Spreads via WhatsApp to Hijack Bank Accounts

Apr 28, 2026 8:39 AM

Tags: android, banking, cyber, finance, fraud, india, malware, update

A new Android malware campaign is masquerading as a “Banking KYC” verification app and spreading via WhatsApp messages to target banking users in India. The malware is delivered as an APK shared over WhatsApp, posing as an urgent bank KYC or account verification update similar to previously reported Indian banking fraud campaigns. Victims are told…
Fake Document Reader App Hits 10K Downloads, Spreads Anatsa Malware

Apr 28, 2026 7:39 AM

Tags: android, banking, cyber, google, malicious, malware, threat

A newly discovered malicious Android application masquerading as a document reader was found on the Google Play Store, infecting users with the notorious Anatsa banking trojan. The app, which had already surpassed 10,000 downloads before its removal, highlights the ongoing threat of malware slipping through official app marketplaces. The malicious app was hosted on the…
The Bluegrass State’s Security Leaders: Kentucky CISOs to Know

Apr 27, 2026 6:38 AM

Tags: banking, ciso, cybersecurity, government, healthcare, software, technology

Kentucky’s cybersecurity leadership spans government, academic medicine, community healthcare, manufacturing technology, banking, and global software platforms. The CISOs in this feature have built programs inside environments as different as a city government and a Fortune-level enterprise acquisition, but they share a common thread: careers shaped by the specific demands of the institutions and industries Kentucky…The…
New US House privacy bills raise hard questions about enterprise data collection

Apr 24, 2026 10:39 PM

Tags: access, ai, awareness, banking, business, cio, ciso, compliance, credentials, data, finance, framework, governance, group, identity, insurance, Internet, jobs, law, privacy, regulation, risk, service, strategy, supply-chain

Where privacy law overlaps with AI governance: The SECURE Data Act does not contain broad, standalone AI governance rules, but it still touches AI in meaningful ways.The bill includes opt-outs for fully automated profiling used for decisions with legal or similarly significant effects. That language can clearly implicate some uses of AI, particularly in hiring,…
AI-Driven Attacks on Banking Databases: Governance at Scale

Apr 24, 2026 6:39 PM

Tags: ai, attack, banking, finance, governance, risk

Mythos-class AI systems pose a new database security risk for financial institutions. Learn how Liquibase Secure protects against autonomous attacks and state corruption. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/ai-driven-attacks-on-banking-databases-governance-at-scale/
AI-Driven Attacks on Banking Databases: Governance at Scale

Apr 24, 2026 6:39 PM

Tags: ai, attack, banking, finance, governance, risk

Mythos-class AI systems pose a new database security risk for financial institutions. Learn how Liquibase Secure protects against autonomous attacks and state corruption. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/ai-driven-attacks-on-banking-databases-governance-at-scale/
Warnung vor neuen Android-Trojanern: 800 Apps betroffen

Apr 24, 2026 5:39 AM

Tags: android, banking, crypto

Zimperium identifiziert vier neue Android-Banking-Trojaner. Über 800 Finanz- und Krypto-Apps weltweit sind betroffen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/android-trojaner-800-apps-betroffen
Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles

Apr 22, 2026 11:39 AM

Tags: access, backdoor, banking, control, cybersecurity, dns, espionage, finance, india, korea, malware

Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that’s distributed via a theme related to India’s banking sector.”The backdoor communicates with a dynamic DNS-based command-and-control server over HTTPS and supports remote shell access, file operations, and session management, indicating a continued espionage-focused capability set rather than First seen on thehackernews.com…
Microsoft-Signed Binary Helps Deliver LOTUSLITE in India Spy Campaign

Apr 22, 2026 8:39 AM

Tags: access, backdoor, banking, communications, cyber, espionage, india, microsoft, spy

Microsoft-signed developer tooling is being abused to quietly deploy a new LOTUSLITE backdoor variant against India’s banking sector, in what researchers link to the China”‘nexus Mustang Panda espionage cluster with moderate confidence. The backdoor retains its espionage profile, offering remote shell access, file operations, and session management rather than any obvious monetization features. Communications are…
Over 800 Android Apps Targeted in PIN-Stealing Trojan Campaign

Apr 20, 2026 9:39 PM

Tags: android, banking, malware

Four Android banking malware campaigns are targeting more than 800 apps by abusing overlays, Accessibility permissions, and sideloaded fake apps to steal PINs. The post Over 800 Android Apps Targeted in PIN-Stealing Trojan Campaign appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-android-malware-stealing-pin-overlay-attack/
MiningDropper Spreads Infostealers, RATs, Banking Malware on Android

Apr 20, 2026 11:39 AM

Tags: access, android, banking, credentials, crypto, cyber, framework, hacker, malware, rat

Hackers are abusing a modular Android framework called MiningDropper to mine cryptocurrency and silently install infostealers, remote access trojans (RATs), and banking malware on infected devices. MiningDropper is a multi-stage Android dropper that combines crypto-mining with the delivery of additional malware payloads, including banking trojans, RATs such as BTMOB, and credential-stealing spyware. A recent variant is built…
Finance Chiefs Warn New AI Models May Rattle Global Banking

Apr 18, 2026 12:37 AM

Tags: ai, banking, cyber, exploit, finance, intelligence, risk, vulnerability

Officials Warned New Models Could Accelerate Cyber Risks Faster Than Rules. Global finance officials meeting in Washington warned that advanced artificial intelligence models could expose structural weaknesses across banking and payment systems, speeding vulnerability discovery and cyber exploitation faster than regulators can build guardrails. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/finance-chiefs-warn-new-ai-models-may-rattle-global-banking-a-31457
New RecruitRat, SaferRat, Astrinox, Massiv Android Malware Found Targeting 800 Apps

Apr 17, 2026 9:37 PM

Tags: android, banking, malware

New research from Zimperium reveals four active Android malware campaigns, RecruitRat, SaferRat, Astrinox, and Massiv, targeting over 800 banking apps globally. First seen on hackread.com Jump to article: hackread.com/recruitrat-saferrat-astrinox-massiv-android-malware/
Android-Trojaner gibt sich als Bank oder Behörde aus

Apr 17, 2026 12:48 AM

Tags: android, banking, finance, infrastructure, malware, mobile

Sicherheitsforscher von Infoblox und der vietnamesischen Organisation Chong Lua Dao haben eine weitreichende Malware-Infrastruktur aufgedeckt, die gezielt auf Mobile-Banking-Nutzer abzielt. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/android-trojaner-bank-oder-behoerde