The first sign we saw of this malware was in mid-May 2013, but it is still very active, and uses Android to bypass two-factor authentication systems. It clearly seeks to infect Dutch computers - 75% of detections come from this region.
In September we informed about a new banking trojan called Hesperbot (detected as Win32/Spy.Hesperbot). The perpetrators responsible for the threat are still active – November has been particularly eventful. In this post, we’ll give an update on the situation and malware developments.
Cybercriminals are already targeting mobile banking apps as a “way in” to customer accounts – as witnessed in ESET’s discovery of a new, advanced Trojan, Hesperbot. But a new IBM system may help secure smartphones – by using near-field communications chips (NFC) for an additional layer of security. It’s the first system to allow “two-factor”
From legitimate companies delivering software with a “side-order” of malware, to PC attacks that persuade you to infect your own phone, here are some of the latest traps laid by cybercriminals - and how to sidestep them.
A stealthy banking Trojan known as Caphaw or Shylock has resurfaced - and is attacking customers of 24 American banks. It's armed with defensive abilities including the power to "restore" itself during shutdown.
These days cybercriminals will use phone calls, SMS messages, emails, fake apps - and even couriers - in an effort to get your money. The key to staying safe is to recognize behavior that isn’t quite “right” - and catch phishers and fraudsters in the act.
Win32/Spy.Hesperbot is a new banking trojan that has been targeting online banking users in Turkey, the Czech Republic, Portugal and the United Kingdom. For more information about its malware spreading campaigns and victims, refer to our first blog post. In this post we’ll cover the technical details of the malware, including the overall architecture, as well as the mobile component.
A new and effective banking trojan has been discovered targeting online banking users in Turkey, the Czech Republic, Portugal and the United Kingdom. It uses very credible-looking phishing-like campaigns, related to trustworthy organizations, to lure victims into running the malware.
Mobile banking apps pose an “important risk” to consumers as banks increasingly offer access to banking services via smartphones. A financial watchdog is to investigate the threat of bogus and malicious banking apps.
New analysis and white paper detail how ESET researchers helped stop criminal hackers exploiting a Brazilian government website to retrieve data stolen by Trojan code that used spam and a Chrome browser plugin to steal confidential data from online banking customers.