PRINT
PRINT
SEND MAIL
SEND MAIL

Category: Financial malware

Debian

Cerberus Linux v3

  Cerberus Linux v3  Cerberus is a penetration testing distribution focusing on automation and anonymity , it aims to have the best tools available on the hacking scene tools like Fuzzbunch, Dandespritz, Cobalt strike, Armitage, Metasploit framework and Metasploit community version set up and ready for use!! It includes custom scripts, custom themes, custom icons!Cerberus distribution is based on Debian testing, it has the capability to use 3 repositories to install packages from kali repo,Debian repo, and cyber sec repo! Cerberus is an Angry…

Windows Hacking

Black Window 10 Enterprise

Black Window 10 Enterprise is the first windows based penetration testing distribution with linux integraded ! The system comes activated with a digital license for windows enterprise ! It supports windows apps and linux apps, gui and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of cerberus linux! It has managed to implement cerberus os within windows.Offers the stability of a windows system and it offers the hacking part with a…

APTAPT reportsFinancial malwareOlympic DestroyerSecurity FeedsSofacyTargeted Attacks

Threats in the Netherlands

Introduction On October 4, 2018, the MIVD held a press conference about an intercepted cyberattack on the OPWC in the Netherlands, allegedly by the advanced threat actor Sofacy (also known as APT28 or Fancy Bear, among others). According to the MIVD, four suspects were caught red handed trying to break into the OPWC’s network. Sofacy activity in the Netherlands did not come as a surprise to us, since we have seen signs of its presence in that country before. However, aside from Sofacy we…

Financial malwareMalware DescriptionsSecurity FeedsTrojan Banker

The rise of mobile banker Asacub

We encountered the Trojan-Banker.AndroidOS.Asacub family for the first time in 2015, when the first versions of the malware were detected, analyzed, and found to be more adept at spying than stealing funds. The Trojan has evolved since then, aided by a large-scale distribution campaign by its creators (in spring-summer 2017), helping Asacub to claim top spots in last year’s ranking by number of attacks among mobile banking Trojans, outperforming other families such as Svpeng and Faketoken. We decided to take a peek under the…

Apple MacOSAPT reportsFeaturedFinancial malwareLazarusMalware DescriptionsSecurity FeedsSpear Phishing

Operation AppleJeus: Lazarus hits cryptocurrency exchange with fake installer and macOS malware

Overview Lazarus has been a major threat actor in the APT arena for several years. Alongside goals like cyberespionage and cybersabotage, the attacker has been targeting banks and other financial companies around the globe. Over the last few months, Lazarus has successfully compromised several banks and infiltrated a number of global cryptocurrency exchanges and fintech companies. Kaspersky Lab has been assisting with incident response efforts. While investigating a cryptocurrency exchange attacked by Lazarus, we made an unexpected discovery. The victim had been infected with…

Financial malwareMalware DescriptionsSecurity Feeds

Dark Tequila Añejo

Dark Tequila is a complex malicious campaign targeting Mexican users, with the primary purpose of stealing financial information, as well as login credentials to popular websites that range from code versioning repositories to public file storage accounts and domain registrars. A multi-stage payload is delivered to the victim only when certain conditions are met; avoiding infection when security suites are installed or the sample is being run in an analysis environment. From the target list retrieved from the final payload, this particular campaign targets…

FeaturedFinancial malwareIoTMalware DescriptionsMalware reportsMalware StatisticsMinerMobile MalwarePOS malwareSecurity FeedsTrojan BankerVulnerabilities and exploits

IT threat evolution Q2 2018. Statistics

Q2 figures According to KSN: Kaspersky Lab solutions blocked 962,947,023 attacks launched from online resources located in 187 countries across the globe. 351,913,075 unique URLs were recognized as malicious by Web Anti-Virus components. Attempted infections by malware designed to steal money via online access to bank accounts were logged on the computers of 215,762 users. Ransomware attacks were registered on the computers of 158,921 unique users. Our File Anti-Virus logged 192,053,604 unique malicious and potentially unwanted objects. Kaspersky Lab products for mobile devices detected:…

FeaturedFinancial malwareMalware DescriptionsMalware reportsMalware StatisticsMobile MalwarePOS malwareSecurity FeedsTrojan-BankersVulnerabilities and exploits

IT threat evolution Q1 2018. Statistics

Q1 figures According to KSN: Kaspersky Lab solutions blocked 796,806,112 attacks launched from online resources located in 194 countries across the globe. 282,807,433 unique URLs were recognized as malicious by Web Anti-Virus components. Attempted infections by malware designed to steal money via online access to bank accounts were logged on the computers of 204,448 users. Ransomware attacks were registered on the computers of 179,934 unique users. Our File Anti-Virus logged 187,597,494 unique malicious and potentially unwanted objects. Kaspersky Lab products for mobile devices detected:…

APTCyber espionageDATA LEAKFeaturedFinancial malwareHacking TeamIoTmalware descriptionMalware reportsMobile MalwareNation State Sponsored EspionageSecurity FeedsSofacySpearphishingTargeted AttacksTrojan-BankersVulnerabilities and exploitsWiperWormZero-day vulnerabilities

IT threat evolution Q1 2018

Targeted attacks and malware campaigns Skygofree:  sophisticated mobile surveillance In January, we uncovered a sophisticated mobile implant that provides attackers with remote control of infected Android devices.  The malware, called Skygofree (after one of the domains it uses), is a targeted cyber-surveillance tool that has been in development since 2014.  The malware is spread by means of spoofed web pages that mimic leading mobile providers.  The campaign is ongoing and our telemetry indicates that there have been several victims, all in Italy.  We feel…

ATMFinancial malwareMalware DescriptionsPublicationsSecurity Feeds

Goodfellas, the Brazilian carding scene is after you

There are three ways of doing things in the malware business: the right way, the wrong way and the way Brazilians do it. From the early beginnings, using skimmers on ATMs, compromising point of sales systems, or even modifying the hardware of processing devices, Latin America has been a fertile ground for collecting credit and debit cards en masse. Brazil started the migration to EMV cards in 1999 and nowadays almost all cards issued in the country are chip-enabled. A small Java-based application lives…