Another in our occasional series demystifying Latin American banking trojans. In this installment of our series, we introduce Grandoreiro, a Latin American banking trojan targeting Brazil, Mexico, Spain and Peru. As such, it shows unusual effort by its authors to evade detection and emulation, and progress towards a modular architecture. We have seen Grandoreiro being … More Grandoreiro: How engorged can an EXE get?
The scam machine shows no signs of slowing down, as fraudsters dispense bogus health advice, peddle fake testing kits and issue malware-laced purchase orders. With the COVID-19 pandemic surging outside, people are hunkering down inside their houses. Companies are shifting to remote work and urging their employees to work from home while cities, even whole countries, are … More Coronavirus con artists continue to spread infections of their own
There are a multitude of cybersecurity issues that enterprises must negotiate in the current digital landscape, including ransomware. Ransomware is a form of malicious code that blocks or encrypts the contents of a device and demands a ransom to restore access to the data. The devices in question include mobile phones and PCs but also extend to … More Advances in ESET ransomware protection
ESET researchers discover a trojanized Tor Browser distributed by cybercriminals to steal bitcoins from darknet market buyers. Utilizing a trojanized version of an official Tor Browser package, the cybercriminals behind this campaign have been very successful – so far their pastebin.com accounts have had more than 500,000 views and they were able to steal US$40,000+ … More Fleecing the onion: Darknet shoppers swindled out of bitcoins via trojanized Tor Browser
Número dois in our series demystifying Latin American banking trojans. Most reverse engineers would agree that quite often one can learn something new on the job. However, it is not every day you learn how to cook a delicious meal while analyzing malware. This unique experience is provided by a malware family we discuss in … More Casbaneiro: Dangerous cooking with a secret ingredient
ESET researchers discovered a campaign that uses two malicious tools with similar capabilities to ensure both resilience and broader potential for the attackers. We’ve discovered an ongoing campaign in the Balkans spreading two tools having a similar purpose: a backdoor and a remote access trojan we named, respectively, BalkanDoor and BalkanRAT. BalkanRAT enables the attacker … More In the Balkans, businesses are under fire from a double‑barreled cyberweapon
These days, there isn’t much that can’t be done on mobile, and that includes banking. Banking apps are quickly becoming the go-to method of managing finances, and as a result, mobile banking malware targeting Android phones has become a serious and somewhat underestimated threat. For malware creators motivated by financial gain, banking apps provide … More Banking Malware: Countering the threats with certified (browser) protection