Grandoreiro Banking Trojan Resurfaces, Targeting Over 1,500 Banks Worldwide

The threat actors behind the Windows-based Grandoreiro banking trojan have returned in a global campaign since March 2024 following a law enforcement takedown in January. The large-scale phishing attacks, likely facilitated by other cybercriminals via a malware-as-a-service (MaaS) model, target over 1,500 banks …

ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan

The authors behind the resurfaced ZLoader malware have added a feature that was originally present in the Zeus banking trojan that it’s based on, indicating that it’s being actively developed. “The latest version, 2.4.1.0, introduces a feature to prevent execution on machines that differ from the original infection,” …

Embracing innovation: Derrick’s transition from banking to Microsoft’s Threat Intelligence team | MSRC Blog

Meet Derrick, a Senior Program Manager on the Operational Threat Intelligence team at Microsoft. Derrick’s role involves understanding and roadmapping the complete set of tools that Threat Intel analysts use to collect, analyze, process, and disseminate …

Banking Trojans Target Latin America and Europe Through Google Cloud Run

Cybersecurity researchers are warning about a spike in email phishing campaigns that are weaponizing the Google Cloud Run service to deliver various banking trojans such as Astaroth (aka Guildma), Mekotio, and Ousaban (aka Javali) to targets across Latin America (LATAM) and Europe. “The infection …

Chinese Hackers Using Deepfakes in Advanced Mobile Banking Malware Attacks

A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called GoldPickaxe that’s capable of harvesting identity documents, facial recognition data, and intercepting SMS. “The GoldPickaxe family is available …