#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Trojan | Breaking Cybersecurity News | The Hacker News

Russia arrests 50 hackers who stole $25 million from Banks

Russia arrests 50 hackers who stole $25 million from Banks

Jun 03, 2016
Russian authorities have arrested a gang of 50 hackers suspected of stealing more than 1.7 Billion Rubles ( over US$25 Million ) from banks and other financial institutions in the country since 2011. The same criminal gang had tried to steal a further 2.273 Billion Roubles by issuing false payment instructions, but that were blocked. The group allegedly used a Trojan called " Lurk " to set up a network of bots on infected computers to carry out the attacks, according to Russia's FSB ( Federal Security Service ). Initially identified in 2012, Lurk is a "fileless" Trojan that runs in RAM and has mostly been used for collecting banking credentials, especially for banks in Eastern Europe and the Russian Federation. The criminal gang allegedly seeded some of Russia's most popular websites with Lurk. Once infected, the malware downloaded more software modules, allowing the hackers to gain remote access to victims' computers. The hackers then stole
Whistleblowers' Lawyer Finds Malware On Hard Disk Planted By Police

Whistleblowers' Lawyer Finds Malware On Hard Disk Planted By Police

Apr 16, 2015
An Arkansas lawyer representing three police whistleblowers has claimed that the law enforcement officials at the Fort Smith Police Department (FSPD) tried to infect his computer with Trojan viruses in order to spy on their legal opponents. What's the issue? A lawyer Matthew Campbell of the Pinnacle Law Firm in North Little Rock is representing Don Paul Bales, Rick Entmeier, and Wendall Sampson, current and former officers of the Fort Smith Police Department in the lawsuit since January 2014. The three whistleblowers exposed some frauds within the corrupt department, and, therefore, the police have illegally investigated them. " Since July 2013, the plaintiffs have been the target of nearly two dozen various investigations , Campbell told the Northwest Arkansas Democrat Gazette. " [This range] from accusations that they misspent FSPD funds to allegations that they were impugning the FSPD on Facebook. " What happened? Campbell provided a blank ha
How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte
AOL Advertising Network Abused to Distribute Malware

AOL Advertising Network Abused to Distribute Malware

Jan 07, 2015
Security researchers have uncovered a malvertising campaign used to distribute malware to visitors of The Huffington Post website, as well as several other sites, through malicious advertisements served over the AOL  advertising  network . At the end of last year, Cyphort Labs, security firm specialized in detecting malware threats, came across some malicious advertisements that were being served on the United States and Canadian versions of the popular news website The Huffington Post . The malicious advertisements eventually redirected visitors of the news website to other websites hosting exploit kits, in order to attack victims' computers and install malware. Researchers discovered that the malvertising campaign originates with ads being served by AOL's Advertising.com network. Once clicked, users are redirected through a series of redirects, some of which used HTTPS encrypted connections, to a page that served either the Neutrino Exploit Kit or the Sweet Orange E
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
After Takedown, GameOver Zeus Banking Trojan Returns Again

After Takedown, GameOver Zeus Banking Trojan Returns Again

Jul 12, 2014
A month after the FBI and Europol took down the GameOver Zeus botnet by seizing servers and disrupting the botnet's operation, security researchers have unearthed a new variant of malware based explicitly on the same Gameover ZeuS that compromised users' computers and collectively formed a massive botnet. GAMEOVER ZEUS TROJAN The massive botnet, essentially a collection of zombie computers, specifically was designed to steal banking passwords with the capability to perform Denial of Service (DoS) attacks on banks and other financial institutions in order to deny legitimate users access to the site, so that the thefts kept hidden from the users. As a result of it, Gameover ZeuS' developers have stolen more than $100 million from banks, businesses and consumers worldwide. NEW GAMEOVER ZEUS TROJAN On Thursday, security researchers at the security firm Malcovery came across a series of new spam campaigns that were distributing a piece of malware based on the Gameover Zeus code which
New Banking Malware with Network Sniffer Spreading Rapidly Worldwide

New Banking Malware with Network Sniffer Spreading Rapidly Worldwide

Jun 28, 2014
The hike in the banking malware this year is no doubt almost double compared to the previous one, and so in the techniques of malware authors. Until now, we have seen banking Trojans affecting devices and steal users' financial credentials in order to run them out of their money. But nowadays, malware authors are adopting more sophisticated techniques in an effort to target as many victims as possible. BANKING MALWARE WITH NETWORK SNIFFING Security researchers from the Anti-virus firm Trend Micro have discovered a new variant of banking malware that not only steals users' information from the device it has infected but, has ability to " sniff " network activity in an effort to compromise the devices of same network users as well. The banking malware, dubbed as EMOTET spreads rapidly through spammed emails that masquerade itself as a bank transfers and shipping invoices. The spammed email comes along with an attached link that users easily click, considering that t
Cybersecurity Resources