Banking Trojan Archives

Trickbot Group’s AnchorDNS Backdoor Upgrades to AnchorMail

IBM Security X-Force researchers have discovered a revamped version of the Trickbot Group’s AnchorDNS backdoor being used in recent attacks ending with the deployment of Conti ransomware. The Trickbot Group,…

Banking Trojan

TrickBot Gang Uses Template-Based Metaprogramming in Bazar Malware

Malware authors use various techniques to obfuscate their code and protect against reverse engineering. Techniques such as control flow obfuscation using Obfuscator-LLVM and encryption are often observed in malware samples.…

Advanced Threats

Top-Ranking Banking Trojan Ramnit Out to Steal Payment Card Data

Shopping online is an increasingly popular endeavor, and it has accelerated since the COVID-19 pandemic. Online sales during the 2021 holiday season rose nearly 9% to a record $204.5 billion.…

Advanced Malware

TrickBot Bolsters Layered Defenses to Prevent Injection Research

This post was written with contributions from IBM X-Force’s Limor Kessem and Charlotte Hammond. The cyber crime gang that operates the TrickBot Trojan, as well as other malware and ransomware…

Banking & Finance

New ZE Loader Targets Online Banking Users

IBM Trusteer closely follows developments in the financial cyber crime arena. Recently, we discovered a new remote overlay malware that is more persistent and more sophisticated than most current-day codes.…

Android Malware

What is Ghimob Malware?

A new Android malware strain ‘Ghimob’ is mimicking third-party mobile (mainly banking) apps to spy and steal user data when downloaded and installed. This Trojan virus steals data from users,…

banking malware

Zeus Sphinx Back in Business: Some Core Modifications Arise

The Zeus Sphinx banking Trojan is financial malware that was built upon the existing and leaked codebase of the forefather of many other Trojans in this class: Zeus v2.0.8.9. Over…

Banking Trojan

TrickBot Campaigns Targeting Users via Department of Labor FMLA Spam

IBM X-Force monitors billions of spam emails a year, mapping trending, malicious campaigns and their origins. Recent analysis from our spam traps uncovered a new Trickbot campaign that currently targets…

Android

New Android Banking Trojan Targets Spanish, Portuguese Speaking Users

IBM X-Force research recently analyzed a new Android banking Trojan that appears to be targeting users in countries that speak Spanish or Portuguese, namely Spain, Portugal, Brazil and other parts…

banking

Grandoreiro Malware Now Targeting Banks in Spain

During the past few months, IBM X-Force researchers have noticed a familiar malware threat that typically affects bank customers in Brazil has spread to attack banks in Spain. The rise…

Browsing CategoryBanking Trojan

Trickbot Group’s AnchorDNS Backdoor Upgrades to AnchorMail

TrickBot Gang Uses Template-Based Metaprogramming in Bazar Malware

Top-Ranking Banking Trojan Ramnit Out to Steal Payment Card Data

TrickBot Bolsters Layered Defenses to Prevent Injection Research

New ZE Loader Targets Online Banking Users

What is Ghimob Malware?

Zeus Sphinx Back in Business: Some Core Modifications Arise

New Android Banking Trojan Targets Spanish, Portuguese Speaking Users

Grandoreiro Malware Now Targeting Banks in Spain

Cybersecurity jobs: How to better apply, get hired and fill open roles | Cyber Work Podcast

Ethical user data collection and machine learning | Cyber Work Podcast

Working as a privacy manager | Cybersecurity Career Series