In September we informed about a new banking trojan called Hesperbot (detected as Win32/Spy.Hesperbot). The perpetrators responsible for the threat are still active – November has been particularly eventful. In this post, we’ll give an update on the situation and malware developments.
Cybercriminals are already targeting mobile banking apps as a “way in” to customer accounts – as witnessed in ESET’s discovery of a new, advanced Trojan, Hesperbot. But a new IBM system may help secure smartphones – by using near-field communications chips (NFC) for an additional layer of security. It’s the first system to allow “two-factor”
From legitimate companies delivering software with a “side-order” of malware, to PC attacks that persuade you to infect your own phone, here are some of the latest traps laid by cybercriminals - and how to sidestep them.
A stealthy banking Trojan known as Caphaw or Shylock has resurfaced - and is attacking customers of 24 American banks. It's armed with defensive abilities including the power to "restore" itself during shutdown.
These days cybercriminals will use phone calls, SMS messages, emails, fake apps - and even couriers - in an effort to get your money. The key to staying safe is to recognize behavior that isn’t quite “right” - and catch phishers and fraudsters in the act.
Win32/Spy.Hesperbot is a new banking trojan that has been targeting online banking users in Turkey, the Czech Republic, Portugal and the United Kingdom. For more information about its malware spreading campaigns and victims, refer to our first blog post. In this post we’ll cover the technical details of the malware, including the overall architecture, as well as the mobile component.
A new and effective banking trojan has been discovered targeting online banking users in Turkey, the Czech Republic, Portugal and the United Kingdom. It uses very credible-looking phishing-like campaigns, related to trustworthy organizations, to lure victims into running the malware.
Mobile banking apps pose an “important risk” to consumers as banks increasingly offer access to banking services via smartphones. A financial watchdog is to investigate the threat of bogus and malicious banking apps.
New analysis and white paper detail how ESET researchers helped stop criminal hackers exploiting a Brazilian government website to retrieve data stolen by Trojan code that used spam and a Chrome browser plugin to steal confidential data from online banking customers.
A simulated cyber attack with the Hollywood-esque title Quantum Dawn 2 will bombard the defenses of American banks on June 28 - in an exercise designed to test how Wall Street would endure a sustained hi-tech assault.
Banks should look to spam emails and their own server errors as a source of information, says Nicholas Scott of National Australia Bank (NAB), speaking at the RSA Conference Asia-Pacific in Singapore.
The FBI has offered temporary security clearances to security officers from U.S. banks in order to share information into repeated cyber attacks which have disrupted online banking websites in recent months.
The American banking system needs to prepare or further cyber attacks in the coming months, a leading financial stability group has warned.
An Oregon farm products company is suing its own bank to recover losses after a phishing attack saw $223,500 transferred to accounts in the Ukraine over a period of three days in 2010.
Representative Mike Rogers, Chairman of the Permanent Select Committee on Intelligence, said that Congress needs to act quickly, in an interview with NBC this week. The websites of major U.S. banks have been offline for 249 hours in the past six weeks, due to a series of sustained cyber attacks by an unknown foreign group.
Analysis of malicious code dubbed Win32/Caphaw (a.k.a. Shylock) attacking major European banks, with ability to automatically steal money when the user is actively accessing his banking account.