#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
DevSecOps

Android Banking | Breaking Cybersecurity News | The Hacker News

Category — Android Banking
Xenomorph Banking Trojan: A New Variant Targeting 35+ U.S. Financial Institutions

Xenomorph Banking Trojan: A New Variant Targeting 35+ U.S. Financial Institutions

Sep 26, 2023 Mobile Security / Malware
An updated version of an  Android banking trojan  called  Xenomorph  has set its sights on more than 35 financial institutions in the U.S. The campaign, according to Dutch security firm ThreatFabric, leverages phishing web pages that are designed to entice victims into installing malicious Android apps that target a broader list of apps than its predecessors. Some of the other targeted prominent countries targeted comprise Spain, Canada, Italy, and Belgium. "This new list adds dozens of new overlays for institutions from the United States, Portugal, and multiple crypto wallets, following a trend that has been consistent amongst all banking malware families in the last year," the company  said  in an analysis published Monday. Xenomorph is a variant of another banker malware called Alien which  first emerged  in 2022. Later that year, the financial malware was propagated via a new dropper dubbed  BugDrop , which bypassed security features ...
Cybercriminals Exploit Microsoft Word Vulnerabilities to Deploy LokiBot Malware

Cybercriminals Exploit Microsoft Word Vulnerabilities to Deploy LokiBot Malware

Jul 17, 2023 Malware / Cyber Threat
Microsoft Word documents exploiting known remote code execution flaws are being used as phishing lures to drop malware called  LokiBot  on compromised systems. "LokiBot, also known as Loki PWS, has been a well-known information-stealing Trojan active since 2015," Fortinet FortiGuard Labs researcher Cara Lin  said . "It primarily targets Windows systems and aims to gather sensitive information from infected machines." The cybersecurity company, which spotted the campaign in May 2023, said the attacks take advantage of  CVE-2021-40444  and  CVE-2022-30190  (aka Follina) to achieve code execution. The Word file that weaponizes CVE-2021-40444 contains an external GoFile link embedded within an XML file that leads to the download of an HTML file, which exploits Follina to download a next-stage payload, an injector module written in Visual Basic that decrypts and launches LokiBot. The injector also features evasion techniques to check for the presence ...
Protecting Your Software Supply Chain: Assessing the Risks Before Deployment

Protecting Your Software Supply Chain: Assessing the Risks Before Deployment

Feb 11, 2025Software Security / Threat Intelligence
Imagine you're considering a new car for your family. Before making a purchase, you evaluate its safety ratings, fuel efficiency, and reliability. You might even take it for a test drive to ensure it meets your needs. The same approach should be applied to software and hardware products before integrating them into an organization's environment. Just as you wouldn't buy a car without knowing its safety features, you shouldn't deploy software without understanding the risks it introduces. The Rising Threat of Supply Chain Attacks Cybercriminals have recognized that instead of attacking an organization head-on, they can infiltrate through the software supply chain—like slipping counterfeit parts into an assembly line. According to the 2024 Sonatype State of the Software Supply Chain report , attackers are infiltrating open-source ecosystems at an alarming rate, with over 512,847 malicious packages detected last year alone—a 156% increase from the previous year. Traditional sec...
Expert Insights / Articles Videos
Cybersecurity Resources