banking trojan
-
Astaroth banking trojan leverages GitHub to restore command-and-control, McAfee says
McAfee Labs reported that the Astaroth banking trojan campaign uses GitHub-hosted images with steganography to update configurations and maintain access after C2 takedowns; the campaign targets Brazil and other Latin American countries and is delivered via DocuSign-themed phishing emails.
-
New Android banking trojan Klopatra has infected more than 3,000 devices, Cleafy says
Cleafy said a new Android banking trojan called Klopatra has infected over 3,000 devices, mainly in Spain and Italy, using VNC remote control, dynamic overlays and abuse of Android accessibility services to steal credentials and perform fraudulent transfers.
-
HOOK Android banking trojan adds ransomware overlay, expands remote command set
Security researchers have identified a new HOOK Android banking trojan variant that adds ransomware-style overlays, remote command capabilities, and expanded data-theft features, signaling a growing blend of banking fraud with spyware and ransomware tactics.
-
Source-code leak exposes ERMAC Android banking trojan infrastructure, researchers say
The ERMAC Android banking trojan v3 source code was leaked online, exposing its backend, panel, and exfiltration infrastructure and signaling an expanded targeting scope of over 700 apps, along with notable operational security lapses that could invite further risk from other threat actors.
-
Russian Authorities Arrest Suspects Behind Mamont Banking Trojan
Russian authorities have made significant strides in combating cybercrime with the arrest of three suspects involved in the development of the Mamont malware, a banking trojan targeting Android devices. The arrests, part of a broader crackdown on cyber threats, highlight ongoing efforts to address the rising challenges posed by financial fraud.
