Trojan | SC Media

Malspam campaign leverages Boeing 737 Max tragedy

Threat actors are once again leveraging tragedy, this time sending spam messages concerning the recent Boeing 737 MAX crash which took place last week. The campaign was discovered by 360 Threat Intelligence Center researchers who posted about the malicious campaign on Twitter. Attackers are using topics regarding #Boeing 737 MAX 8 crash and seems an…

Center for Internet Security warns of Trickbot

TrickBot malware targets users' financial information and acts as a dropper for other malware. It can be leveraged to steal banking information, conduct system and network reconnaissance, harvest credentials and achieve network propagation, according to a security primer released by the Multi-State Information Sharing and Analysis Center (MS-ISAC). “The malware authors are continuously releasing new…

Belonard Trojan spread via zero days in Counter-Strike 1.6

Cybercriminals are exploiting zero-day vulnerabilities in the old game Counter-Strike 1.6 to spread the Belonard Trojan. To give context, the overall number of game servers registered on Steam exceeds 5,000, while the number of players using official CS 1.6 clients reaches an average of 20,000 people online. “Many owners of popular game servers also raise…

IcedID banking trojan now used against online retailers

The malicious actors behind the IcedID banking trojan have branched out and are now using the malware to steal payment card credentials from online retailers and may have even become malware-as-a-service dealers. The e-tailer attacks began in November 2018 and instead of grabbing customer banking information, IcedID is used to grab credentials and payment card…

Check Point talks about the SpeakUp backdoor trojan

Check Point researchers, speaking during the 2019 CPX 360 Cybersecurity Summit and Expo, have offered up details on the new SpeakUp backdoor that has been found on servers in China. The malicious actors are taking advantage of CVE-2018-20062, a vulnerability in Chinese PHP frameworks, capable of targeting servers running six different Linux distributions and macOS,…

AI use in ransomware attacks and sextortion schemes top Malwarebytes 2018 report

The Malwarebytes State of Malware 2018 report found an odd mix of attacks that took place last year, with businesses bearing the brunt of cybercriminals’ efforts, while consumers were victimized in a new way using their previously hacked PII. The amount of malware targeted at business increased 79 percent, compared to…

Brazilian-made bank trojan use spreading

When it comes to banking trojans, Brazil is not only a leading manufacturer, but most often its residents bear the brunt of these attacks. However, Cybereason has found that the same malware normally used to attack this South American country has spread worldwide. The malware found by Cybereason is being used against banks in more…

Recently found GPlayed trojan spinoff analyzed

The GPlayed trojan, which was only revealed earlier this month, has already spawned a successor that is capable of targeting the customers of a specific Russian bank. Dubbed GPlayed Banker by Cisco Talos, the trojan has been specialized to target just Sberbank AutoPay users. The initial version, which Talos detailed in an…

Agent Tesla author may have been unveiled

Researchers may have tracked down the threat actor behind the elusive Agent Tesla malware strain that has recently seen a surge in popularity. KrebsOnSecurity traced the WordPress site domain which originally sold the malware to a man from Antalya, Turkey named Mustafa can Ozaydin and an email address used by a Turkish individual of the same…

GPlayed trojan seeks to play users out of their data

A new trojan dubbed GPlayed shows that threat actors are increasing their abilities to create hybrid threats that can move code from desktops to mobile platforms with no effort. Cisco Talos researchers discovered the malware, still in its testing stages, using an icon similar to the one used in the Google Play store and displaying…
