Tag: banking
-
Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans
Cybersecurity researchers are calling attention to a new shift in the Android malware landscape where dropper apps, which are typically used to deliver banking trojans, also distribute simpler malware such as SMS stealers and basic spyware. These campaigns are propagated via dropper apps masquerading as government or banking apps in India and other parts of…
-
Google Play Store: 77 Malicious Apps with Over 19 Million Downloads
Security researchers at Zscaler have discovered 77 malicious apps with more than 19 million downloads in the Google Play Store. The banking trojan Anatsa has significantly refined its attack methods in the process. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/play-store-77-schaedliche-apps
-
77 Malicious Apps with Over 19 Million Downloads Discovered in the Google Play Store
The Zscaler ThreatLabz team has identified 77 malicious apps in the Google Play Store and reported them to Google; together they account for more than 19 million installations. As part of their continuous analysis of applications containing malicious code, the security researchers identified the following trends: The discovered threats consist primarily of adware applications and known malware variants such as Joker and Harly, but also advanced banking trojans such as…
-
Threat Actors Use Facebook Ads to Deliver Android Malware
Cybercriminals are increasingly turning their sights from desktop to mobile, exploiting Meta’s advertising platform to distribute a sophisticated Android banking trojan disguised as a free TradingView Premium app. Bitdefender Labs warns that these threat actors have shifted tactics after months of targeting Windows users with fake trading and cryptocurrency ads, now focusing worldwide on smartphone…
-
News alert: SquareX finds browser flaw undermining passkeys while exposing banking and SaaS apps
Palo Alto, Calif., Aug. 28, 2025, CyberNewswire, It is no secret that passwords are highly susceptible to phishing and brute force attacks. This led to the mass adoption of passkeys, a passwordless authentication method leveraging cryptographic key pairs that… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/news-alert-squarex-finds-browser-flaw-undermining-passkeys-while-exposing-banking-and-saas-apps/
-
New Malware Exploits TASPEN Legacy Systems to Target Indonesian Elderly
Threat actors are leveraging the trusted brand of Indonesia’s state pension fund, PT Dana Tabungan dan Asuransi Pegawai Negeri (Persero), or TASPEN, to deploy a malicious Android application disguised as an official portal. This banking trojan and spyware targets pensioners and civil servants, exploiting legacy systems and digital transformation vulnerabilities to steal sensitive data including…
-
TDL003 – Breaking Barriers: IPv6 Adoption and DNS Transformation with Tommy Jensen
Tags: access, ai, apple, attack, backup, banking, browser, business, ceo, chrome, ciso, compliance, computer, computing, control, country, credentials, cybersecurity, data, data-breach, ddos, dns, encryption, endpoint, google, government, group, international, Internet, jobs, law, microsoft, mobile, network, phishing, phone, privacy, programming, radius, risk, service, smishing, strategy, switch, technology, threat, update, vpn, windows, zero-trust
Summary: This episode of the Defender’s Log features special guest Tommy Jensen, an internet technologist specializing in IPv6, Zero Trust, and standards. Jensen’s career path, from an AppleCare contractor to a key figure in advancing internet technologies, is explored. The discussion highlights the critical importance and challenges of migrating to IPv6 and the necessity of…
-
New Hook Android Banking Malware Emerges with Advanced Features and 107 Remote Commands
Zimperium’s zLabs research team has identified a sophisticated new variant of the Hook Android banking trojan, marking a significant escalation in mobile threat sophistication. This iteration incorporates ransomware-style overlays that display extortion messages, demanding payments via dynamically fetched wallet addresses from the command-and-control (C2) server. Activated by the >>ransome
-
New Android Trojan Variant Expands with Ransomware Tactics
A new version of the Hook Android banking Trojan features 107 remote commands, including ransomware overlays First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/android-trojan-expands-ransomware/
-
Threat Actors Update Android Droppers to Remain Effective with Even Simple Malware
Threat actors are increasingly refining Android droppers to circumvent enhanced security measures, extending their utility beyond sophisticated banking trojans to simpler malware variants like SMS stealers and basic spyware. Historically, droppers served as innocuous entry points for payloads requiring elevated permissions, such as Accessibility Services, particularly after Android 13’s API restrictions limited direct installations. These…
-
Banking Trojans and More: Android Malware Distributed Millions of Times via Google Play
Researchers have discovered 77 Android apps in the Google Play Store that fetch dangerous malware after installation. The malware also targets German users. First seen on golem.de Jump to article: www.golem.de/news/banking-trojaner-und-mehr-android-malware-millionenfach-ueber-google-play-verteilt-2508-199521.html
-
HOOK Android Trojan Adds Ransomware Overlays, Expands to 107 Remote Commands
Cybersecurity researchers have discovered a new variant of an Android banking trojan called HOOK that features ransomware-style overlay screens to display extortion messages. “A prominent characteristic of the latest variant is its capacity to deploy a full-screen ransomware overlay, which aims to coerce the victim into remitting a ransom payment,” Zimperium zLabs researcher Vishnu Pratapagiri First…
-
Malicious apps with +19M installs removed from Google Play because spreading Anatsa banking trojan and other malware
Experts found 77 malicious Android apps with 19M+ installs on Google Play, spreading malware, including the Anatsa (TeaBot) banking trojan. While investigating Anatsa (TeaBot) banking trojan infections, Zscaler’s ThreatLabz discovered seventy-seven malicious Android apps with more than 19 million installs. Several Anatsa decoy apps have each been downloaded more than 50,000 times. The malicious apps…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 59
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Hunt.io Exposes and Analyzes ERMAC V3.0 Banking Trojan Full Source Code Leak Evolution of the PipeMagic backdoor: from the RansomExx incident to CVE-2025-29824 Supply Chain Risk in Python: Termncolor and Colorinal Explained Noodlophile […]…
-
Anatsa Malware Escalates: Android Under Siege as Hackers Harvest Credentials and Track Keystrokes
The Zscaler ThreatLabz team has uncovered significant advancements in the Anatsa malware, also known as TeaBot, an Android banking trojan that has been active since 2020. Originally designed for credential theft, keylogging, and facilitating fraudulent transactions, Anatsa has evolved into a more sophisticated threat, now targeting over 831 financial institutions worldwide. This expansion includes new…
-
Quishing: The New Dimension of Phishing with QR Codes
QR codes have long been part of everyday life, whether for restaurant menus, event tickets, banking apps or logins. But it is precisely their ubiquity that makes them an attractive target for cybercriminals. First seen on it-daily.net Jump to article: www.it-daily.net/shortnews/quishinf-phishing-mit-qr-codes
-
ERMAC Android malware source code leak exposes banking trojan infrastructure
The source code for version 3 of the ERMAC Android banking trojan has been leaked online, exposing the internals of the malware-as-a-service platform and the operator’s infrastructure. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ermac-android-malware-source-code-leak-exposes-banking-trojan-infrastructure/
-
Norway fixing Big Bang e-health botch with fintech security
Experts call for Europe’s health sector to protect medical APIs with security originated from UK open banking as officials take urgent measures against unprecedented attacks First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366629212/Norway-fixing-big-bang-e-health-botch-with-fintech-security
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 57
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Arctic Wolf Observes July 2025 Uptick in Akira Ransomware Activity Targeting SonicWall SSL VPN The State of Ransomware Q2 2025 Malware 101: a comprehensive guide Behind Random Words: DoubleTrouble Mobile Banking Trojan Revealed […]…
-
Smartphone Security: Three Essential Rules of Conduct
Everyone has one, and almost everyone uses it online: the smartphone. Because it is connected to the Internet and used for sensitive processes such as banking and various identification procedures, however, it is also a coveted target for phishing attacks and malware. Strictly speaking, it is the data that is siphoned off and misused by criminals. Against this […]…
-
New Android Malware Poses as SBI Card and Axis Bank Apps to Steal Financial Data
McAfee’s Mobile Research Team has identified a sophisticated Android malware campaign primarily aimed at Hindi-speaking users in India, masquerading as legitimate financial applications from institutions like SBI Card, Axis Bank, and IndusInd Bank. This operation distributes malicious APKs through dynamically created phishing websites that mimic official banking portals, leveraging real assets such as images and…
-
Top cybersecurity M&A deals for 2025
Tags: 5G, access, ai, api, apple, application-security, attack, automation, awareness, banking, breach, business, ceo, cisco, cloud, compliance, control, crowdstrike, cyber, cybersecurity, data, ddos, defense, detection, edr, email, endpoint, finance, firewall, gitlab, government, group, ibm, identity, incident response, infrastructure, intelligence, leak, microsoft, mitigation, network, password, programming, risk, risk-management, saas, service, software, sophos, strategy, supply-chain, technology, threat, tool, training, vulnerability, waf, zero-trust
Palo Alto Networks to buy CyberArk for $25B as identity security takes center stage July 30, 2025: Palo Alto Networks is making what could be its biggest bet yet by agreeing to buy Israeli identity security company CyberArk for around $25 billion. “We envision Identity Security becoming the next major pillar of our multi-platform strategy, complementing our leadership…

