Número dois in our series demystifying Latin American banking trojans. Most reverse engineers would agree that quite often one can learn something new on the job. However, it is not every day you learn how to cook a delicious meal while analyzing malware. This unique experience is provided by a malware family we discuss in … More Casbaneiro: Dangerous cooking with a secret ingredient
These days, there isn’t much that can’t be done on mobile, and that includes banking. Banking apps are quickly becoming the go to method of managing finances, and as a result, mobile banking malware targeting Android phones has become a serious and somewhat underestimated threat. For malware creators motivated by financial gain, banking apps provide … More Banking Malware: Countering the threats with certified (browser) protection
Bank of Valetta, which went dark for a day after the fraudulent transfers of €13 million, is now looking to get the money back. Things are getting back to normal for Bank of Valetta (BOV) and its customers following a cyberattack that caused Malta’s largest bank to take the unprecedented step of temporarily shutting down … More Malta’s leading bank resumes operations after cyberheist-induced shutdown
An interview with ESET malware researcher Lukáš Štefanko about Android banking malware, the topic of his latest white paper. Banking malware continued to plague the Android platform throughout 2018, with cybercrooks relentlessly targeting users with banking Trojans and fake banking apps, but also experimenting with new money-stealing techniques. To help users navigate the tricky and expanding landscape of Android … More Navigating the murky waters of Android banking malware
ESET researchers discovered a new Android Trojan using a novel Accessibility-abusing technique that targets the official PayPal app, and is capable of bypassing PayPal’s two-factor authentication. There is a new Trojan preying on Android users, and it has some nasty tricks up its sleeve. First detected by ESET in November 2018, the malware combines the … More Android Trojan steals money from PayPal accounts even with 2FA on
The malicious apps have all been removed from the official Android store but not before the apps were installed by almost 30,000 users. Malware authors keep testing the vigilance of Android users by sneaking disguised mobile banking Trojans into the Google Play store. We’ve recently analyzed a set of 29 such stealthy Trojans, found in … More Banking Trojans continue to surface on Google Play
ESET researchers have discovered new DanaBot campaigns targeting a number of European countries. Recently, we have spotted a surge in activity of DanaBot, a stealthy banking Trojan discovered earlier this year. The malware, first observed in campaigns targeting Australia and later Poland, has apparently expanded further, with campaigns popping up in Italy, Germany, Austria, and … More DanaBot shifts its targeting to Europe, adds new features
