Banking trojans remain one of the most prevalent kinds of malware. Among them, trojans based on Zeus have long been the most prevalent, but in recent months a relatively new trojan has been challenging the reign of Zeus: Vawtrak.
Also known as Neverquest or Snifula, Vawtrak initially targeted users of Japanese banking systems, but it has since broadened its scope. Earlier, a Sophos researcher looked at the malware's infection vector, as well as how it targets banks and other financial institutions. Like a Russian Matryoshka doll, it consists of multiple layers, with each layer containing the next one until the final layer contains a malicious DLL.
The police department of the Chinese city of Wenzhou in southeast China has spent thousands of dollars on software that installs Trojan horse viruses on mobile phones, allowing police officers to spy on other people's activities on their phones.
An investigative reporter first made the report when he posted on his Sina Weibo page a screenshot of a list of devices that were purchased by the Wenzhou police force and posted on the website of the Wenzhou Economic Technology Department Zone in Zhejiang province. The list includes a lot of Trojan horse viruses for mobile phones and a device that injects the virus into illegally unlocked iOS and Android phones.
German Chancellor Angela Merkel has fallen victim to hacking after a sophisticated computer virus was discovered on the USB drive of one of her aides. The Regin virus, which is believed to have been developed by US and British spying agencies, was detected after one of Mrs Merkel's employees plugged her personal drive into a work laptop.
The woman, who works in close contact with Mrs Merkel, had loaded a speech she was editing on to the drive and taken it home to continue working on it before returning to the office. As she went to plug the drive back into her work computer, she was sent a firewall alert saying a virus had been detected.
Researchers have uncovered a new variant of the infamous Zeus Trojan. It’s called Chthonic, a reference to spirits and deities from the underworld in Greek mythology, and it’s targeting 150 banks and 20 payment systems in 15 countries.
Zeus, as its name suggests, is the king of banking malware. It first emerged in 2007 and has been wreaking havoc on online bank accounts ever since. In 2011, its developers threw in the towel and posted its source code for all to see. It may seem as though this would be the end for Zeus, but, in fact, the opposite is true.
Unkillable nasty still climbs out of the grave to this day. The Asprox botnet was responsible for a lot of attack sessions recorded during October 2014, impacting different organisations.
The Asprox malware family is continuing to plague businesses, despite multiple attempts to disrupt its infrastructure. The Asprox botnet, which first surfaced around six years ago in 2008, has been linked to phishing scam messages as well as the distribution of secondary malware infections. The zombie network also acts as a platform for hack attacks. Asprox spreads through vulnerable websites, using SQL injection attacks to plant malicious code.
Researchers have uncovered an extremely stealthy trojan for Linux systems that attackers have been using to siphon sensitive data from governments and pharmaceutical companies around the world.
The previously undiscovered malware represents a missing puzzle piece tied to Turla, a so-called advanced persistent threat disclosed in August. For at least four years, the campaign targeted government institutions, embassies, military, education, research, and pharmaceutical companies in more than 45 countries. The unknown attackers have infected several hundred Windows-based computers by exploiting a variety of vulnerabilities.
The number of pre-loaded mobile trojans in the wild is increasing; DeathRing is the latest one discovered by experts. It’s not the first time that Android handsets have come preloaded with malware, but cyber security experts are warning of a worrying increase in cases.
The problem is widespread in Asia and Africa, where criminals are able to compromise the supply chain. Similar cases are frequent for cheap, low-level devices. Security researchers have detected pre-loaded instances of the DeathRing malware, but unfortunately they are not currently aware of where in the supply chain the mobile trojan is installed.
Virus analysts have examined a new Trojan horse designed to infect smartphones and tablets running the Android OS. This malicious program is capable of stealing the personal information of mobile device owners, as well as stealing money from bank accounts.
It can start its malicious activity only after the owner of the mobile device installs it on the system. It should be noted that the choice of application to imitate depends entirely on the imagination of its writers and can be absolutely anything. Once installed, the Trojan sets up a shortcut on the home screen. In fact, the virus is able to carry out two attack scenarios on the infected Android device.
The Trojan has once again branched out beyond its roots as banking malware and is now targeting the master passwords guarding major password management products. A new configuration file found on an infected computer targets processes used by the respective password management tools.
Citadel, like most widely distributed malware families, is crossing over more and more from the realm of cybercrime to APT-style targeted attacks. New features and a hunger for legitimate credentials make the malware, which is already sitting on hundreds of thousands of machines, particularly dangerous to critical infrastructure, in addition to financial services.
Zero day actually refers to two things — a zero-day vulnerability or a zero-day exploit. Zero-day vulnerability refers to a security hole in software — such as browser software or operating system software — that is yet unknown to the software maker or to antivirus vendors.
This means the vulnerability is also not yet publicly known, though it may already be known by attackers who are quietly exploiting it. Because zero day vulnerabilities are unknown to software vendors and to antivirus firms, there is no patch available yet to fix the hole and generally no antivirus signatures to detect the exploit, though sometimes antivirus scanners can still detect a zero day using heuristics.