DoubleLocker: Innovative Android Ransomware

ESET researchers have spotted the first-ever ransomware misusing Android accessibility services. On top of encrypting data, it also locks the device. Detected by ESET products as Android/DoubleLocker.A, the ransomware is based on the foundations of a particular banking Trojan, known for misusing accessibility services of the Android operating system. However, DoubleLocker doesn’t have the functions related … More DoubleLocker: Innovative Android Ransomware

Money-making machine: Monero-mining malware

While the world is holding its breath, wondering where notorious cybercriminal groups like Lazarus or Telebots will strike next with another destructive malware such as WannaCryptor or Petya, there are many other, less aggressive, much stealthier and often very profitable operations going on. One such operation has been going on since at least May 2017, … More Money-making machine: Monero-mining malware

Bankbot trojan returns to Google Play with new tricks

The dangerous Android banking trojan that we first informed about in the beginning of this year has found its way to Google Play again, now stealthier than ever. Dubbed BankBot, the banking trojan has been evolving throughout the year, resurfacing in different versions both on and outside Google Play. The variant we discovered on Google Play on … More Bankbot trojan returns to Google Play with new tricks

Malware warning for Mac users, after HandBrake mirror download server hacked

A mirror download server for the popular tool HandBrake video file-transcoding app has been compromised by hackers, who replaced its Mac edition with malware. The first most Mac users will know about the security incident will be when they visit the app’s website, at https://handbrake.fr, and see a link to a “Security Alert”: Anyone who … More Malware warning for Mac users, after HandBrake mirror download server hacked

Turn the light on and give me your passwords!

Android users were the target of another banking malware with screen locking capabilities, masquerading as a flashlight app on Google Play. Unlike other banking trojans with a static set of targeted banking apps, this trojan is able to dynamically adjust its functionality. Aside from delivering the promised flashlight functionality, this remotely controlled trojan comes with … More Turn the light on and give me your passwords!