Tag: banking
-
New Android Banking Trojan Uses Hidden VNC for Full Remote Control of Devices
In late August 2025, Cleafy’s Threat Intelligence team uncovered Klopatra, a new, highly sophisticated Android banking trojan and Remote Access Trojan (RAT) that grants attackers full control of compromised devices and facilitates large-scale financial fraud. Active campaigns in Spain and Italy have already infected over 3,000 devices, targeting users of major financial institutions and draining…
-
New Android Trojan “Datzbro” Tricking Elderly with AI-Generated Facebook Travel Events
Cybersecurity researchers have flagged a previously undocumented Android banking trojan called Datzbro that can conduct device takeover (DTO) attacks and perform fraudulent transactions by preying on the elderly. Dutch mobile security company ThreatFabric said it discovered the campaign in August 2025 after users in Australia reported scammers managing Facebook groups promoting “active senior First seen on…
-
Unveiling LummaStealer’s Technical Details Through ML-Based Detection Approach
In early 2025, LummaStealer was in widespread use by cybercriminals targeting victims throughout the world in multiple industry verticals, including telecom, healthcare, banking, and marketing. A sweeping law enforcement operation in May brought this all to an abrupt halt. After a quiet period, we are now seeing new variants of LummaStealer emerge. In light of…
-
Credit Unions Replaced Fragmented Tools With Seceon’s Platform
Credit unions are the financial lifeline for more than 139 million Americans. Built on a member-first philosophy, these not-for-profit institutions provide affordable banking, community trust, and financial empowerment. But in today’s digital-first era, credit unions face growing cybersecurity challenges. With rising ransomware attacks, phishing scams, and third-party vendor breaches, credit unions are prime targets for…
-
Banking Trojans Targeting Android Users Disguise as Government and Trusted Payment Apps
Since August 2024, a financially motivated threat group has been targeting Android users in Indonesia and Vietnam with banking trojans disguised as official government identity and payment applications. By employing elaborate download mechanisms, reusing infrastructure, and leveraging template-based spoofed sites, the operators have used a coordinated campaign to evade detection and steal user credentials. The…
-
Zloader Malware Used as Gateway for Ransomware Deployment in Corporate Networks
Zloader, a sophisticated Zeus-based modular trojan that first emerged in 2015, has undergone a significant transformation from its original banking-focused purpose to become a dangerous tool for initial access and ransomware deployment in corporate environments. Following an almost two-year hiatus, this malware reemerged in September 2023 with substantial enhancements to its obfuscation techniques, domain generation…
-
Technical Analysis of Zloader Updates
Tags: access, attack, banking, cloud, communications, control, corporate, data, data-breach, detection, dns, encryption, malware, network, ransomware, strategy, threat, update, windows. Introduction: Zloader (a.k.a. Terdot, DELoader, or Silent Night) is a Zeus-based modular trojan that emerged in 2015. Zloader was originally designed to facilitate banking, but has since been repurposed for initial access, providing an entry point into corporate environments for the deployment of ransomware. Following an almost two-year hiatus, Zloader reemerged in September 2023 with significant enhancements…
-
FOMO? Brit banking biz rolls out AI tools, talks up security
Lloyds Data and AI lead doesn’t want devs downloading models from the likes of Hugging Face: too risky. First seen on theregister.com Jump to article: www.theregister.com/2025/09/22/lloyds_data_ai_deployment/
-
Cryptohack Roundup: US Sanctions Iran Shadow Banking Network
Also: Man Denied Bankruptcy Discharge Over $12.5M Crypto Ponzi Debts. U.S. sanctions Iranian shadow banking network, Texas man denied bankruptcy discharge, Nemo blames $2.6M exploit on developer errors, THORChain founder hacked, Shibarium Bridge hit by $2.4M hack, Denver court rules pastor’s $3.3M project a fraud and NYDFS tells banks to use blockchain analytics. First seen…
-
Scattered Spider Tied to Fresh Attacks on Financial Services
Recent, Targeted Attacks Suggest Undercut Group’s Claimed ‘Going Dark’ Retirement. Elements of the notorious ransomware collective lately calling itself Scattered Lapsus$ Hunters appear to be targeting fresh victims, including a U.S. banking organization if not the sector at large, despite a member of the group claiming it would be going dark and retiring. First seen…
-
Role of AI in Detecting and Preventing Financial Fraud
The banking sector has always been one of the prime targets for hackers due to the highly sensitive nature of its operations. It holds not only vast amounts of money but also valuable customer data, making it a lucrative target. As users continue to embrace the digital economy, cybersecurity in banking has become a top…
-
Imperva API Security: Authentication Risk Report - Key Findings & Fixes
An in-depth analysis of common JSON Web Token (JWT) mistakes, basic auth, long-lived tokens, and quick, high-impact fixes to secure your APIs. Introduction: APIs are the backbone of modern digital services, from mobile apps and e-commerce to banking and IoT. That scale and utility also make them prime targets. In our recent study of authentication-related…
-
Money Mule Networks Surge 168% Fueling Digital Banking Fraud
BioCatch Says Crime Groups Have Industrialized Operations With Stablecoin Transfers. Organized crime groups have industrialized digital banking fraud operations in the United States, with money mule networks surging 168% in the first half of 2025. Money mules are being recruited at unprecedented scale, and they’re using stablecoins to transfer funds to crypto exchanges. First seen…
-
RatOn Android Malware Detected With NFC Relay and ATS Banking Fraud Capabilities
A new Android malware called RatOn evolved from a basic tool capable of conducting Near Field Communication (NFC) attacks to a sophisticated remote access trojan with Automated Transfer System (ATS) capabilities to conduct device fraud. “RatOn merges traditional overlay attacks with automatic money transfers and NFC relay functionality making it a uniquely powerful threat,” the Dutch…
-
RatOn Hijacks Bank Account to Launch Automated Money Transfers
Security researchers have uncovered a new Android banking trojan, dubbed RatOn, that combines traditional overlay attacks with NFC relay tactics to hijack bank accounts and initiate automated money transfers. Developed from scratch by a threat actor group observed since July 2025, RatOn represents a significant evolution in mobile fraud capabilities. Unlike standalone NFC relay tools…
-
From MostereRAT to ClickFix: New Malware Campaigns Highlight Rising AI and Phishing Risks
Cybersecurity researchers have disclosed details of a phishing campaign that delivers a stealthy banking malware-turned-remote access trojan called MostereRAT. The phishing attack incorporates a number of advanced evasion techniques to gain complete control over compromised systems, siphon sensitive data, and extend its functionality by serving secondary plugins, Fortinet FortiGuard Labs said. First seen on thehackernews.com Jump…
-
Android droppers evolved into versatile tools to spread malware
Android droppers now spread banking trojans, SMS stealers, and spyware, disguised as government or banking apps in India and Asia. ThreatFabric researchers warn of a shift in Android malware: dropper apps now deliver not just banking trojans, but also SMS stealers and spyware, mainly in Asia. Google’s Pilot Program enhances Play Protect by scanning Android…
-
Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans
Cybersecurity researchers are calling attention to a new shift in the Android malware landscape where dropper apps, which are typically used to deliver banking trojans, also distribute simpler malware such as SMS stealers and basic spyware. These campaigns are propagated via dropper apps masquerading as government or banking apps in India and other parts of…
-
Google Play Store: 77 malicious apps with over 19 million downloads
Security researchers at Zscaler have discovered 77 malicious apps with over 19 million downloads in the Google Play Store. The banking trojan Anatsa has significantly refined its attack methods. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/play-store-77-schaedliche-apps
-
77 malicious apps with over 19 million downloads discovered in the Google Play Store
The Zscaler ThreatLabz team has identified 77 malicious apps in the Google Play Store and reported them to Google; together they account for over 19 million installations. As part of their ongoing analysis of applications containing malicious code, the security researchers have identified the following trends: the discovered threats primarily include adware applications, known malware variants such as Joker and Harly, but also advanced banking trojans such as…
-
Threat Actors Use Facebook Ads to Deliver Android Malware
Cybercriminals are increasingly turning their sights from desktop to mobile, exploiting Meta’s advertising platform to distribute a sophisticated Android banking trojan disguised as a free TradingView Premium app. Bitdefender Labs warns that these threat actors have shifted tactics after months of targeting Windows users with fake trading and cryptocurrency ads, now focusing worldwide on smartphone…
-
News alert: SquareX finds browser flaw undermining passkeys while exposing banking and SaaS apps
Palo Alto, Calif., Aug. 28, 2025, CyberNewswire, It is no secret that passwords are highly susceptible to phishing and brute force attacks. This led to the mass adoption of passkeys, a passwordless authentication method leveraging cryptographic key pairs that… (more…) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/news-alert-squarex-finds-browser-flaw-undermining-passkeys-while-exposing-banking-and-saas-apps/
-
New Malware Exploits TASPEN Legacy Systems to Target Indonesian Elderly
Threat actors are leveraging the trusted brand of Indonesia’s state pension fund, PT Dana Tabungan dan Asuransi Pegawai Negeri (Persero), or TASPEN, to deploy a malicious Android application disguised as an official portal. This banking trojan and spyware targets pensioners and civil servants, exploiting legacy systems and digital transformation vulnerabilities to steal sensitive data including…

