#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Search results for Trojan | Breaking Cybersecurity News | The Hacker News

December Top 10 Malware List !

December Top 10 Malware List !

Jan 11, 2011
GFI Software , a leading IT solutions provider for small and medium-sized enterprises, today revealed continuing high levels of Trojan and rogue malware circulating during December, with data revealing a surge in activity, boosted by themed activity around the Christmas and New Year holiday period. The top 10 data is compiled from monthly scans performed by GFI's award-winning anti-malware solution, VIPRE ®  Antivirus, and its antispyware tool, CounterSpy ® , as a service of GFI Labs™. Users were targeted with a variety of infected email, web links and other delivery mechanisms promising festive information, discount offers, Christmas e-cards and free software. The month also saw the big movie release of the season, Disney's TRON Legacy, targeted by a wide array of SEO poisoned links, unwanted installs and other malware fakery, while a spate of fake iTunes emails caught several people off-guard, resulting in users running afoul of a malicious script that took advantage of a known
Dangerous Mobile Banking Trojan Gets 'Keylogger' to Steal Everything

Dangerous Mobile Banking Trojan Gets 'Keylogger' to Steal Everything

Aug 01, 2017
Cyber criminals are becoming more adept, innovative, and stealthy with each passing day. They have now shifted from traditional to more clandestine techniques that come with limitless attack vectors and are harder to detect. Security researchers have discovered that one of the most dangerous Android banking Trojan families has now been modified to add a keylogger to its recent strain, giving attackers yet another way to steal victims sensitive data. Kaspersky Lab's Senior malware analyst Roman Unuchek spotted a new variant of the well-known Android banking Trojan, dubbed Svpeng , in the mid of last month with a new keylogger feature, which takes advantage of Android's Accessibility Services. Trojan Exploits 'Accessibility Services' to Add Keylogger Yes, the keylogger added in the new version of Svpeng takes advantage of Accessibility Services — an Android feature that provides users alternative ways to interact with their smartphone devices. This change makes
How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte
Zeus Alternative Pandemiya Banking Malware For Sale in Underground Forums

Zeus Alternative Pandemiya Banking Malware For Sale in Underground Forums

Jun 13, 2014
A new and relatively rare Zeus Trojan  program has found which is totally different from other banking Trojans and has capability to secretly steal data from forms, login credentials and files from the victim as well as can create fake web pages and take screenshots of victim's computer. Researchers at RSA Security's FraudAction team have discovered this new and critical threat, dubbed as ' Pandemiya ', which is being offered to the cyber criminals in underground forums as an alternative to the infamous Zeus Trojan and its many variants, that is widely used by most of the cyber-criminals for years to steal banking information from consumers and companies. The source code of the Zeus banking Trojan is available on the underground forums from past few years, which lead malware developers to design more sophisticated variants of Zeus Trojan such as Citadel, Ice IX and Gameover Zeus . But, Pandemiya is something by far the most isolated and dangerous piece of malware
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
This Android Hacking Group is making $500,000 per day

This Android Hacking Group is making $500,000 per day

Jul 02, 2016
Own an Android smartphone? Hackers can secretly install malicious apps, games, and pop-up adverts on your smartphone remotely in order to make large sums of money. Security researchers at Cheetah Mobile have uncovered one of the world's largest and most prolific Trojan families, infecting millions of Android devices around the world. Dubbed Hummer , the notorious mobile trojan stealthily installs malicious apps, games, or even porn apps onto victim's phones and yields its creators more than $500,000 (£375,252) on a daily basis. First discovered in 2014 by Cheetah Mobile, Hummer gained traction in early 2016 when the Trojan family was infecting "nearly 1.4 Million devices daily at its peak" with 63,000 infections occurring daily in China, according to researchers at Cheetah Mobile Security Research Lab. "This Trojan continually pops up ads on victims' phones, which is extremely annoying," researchers wrote in a blog post. "It also pushe
Geinimi Trojan targets Android devices !

Geinimi Trojan targets Android devices !

Jan 02, 2011
A data-stealing Trojan affecting Android devices has emerged in China. The Geinimi Trojan sends location co-ordinates, unique device identifiers, and a list of installed apps on the infected device to a remote server. Additionally, it can independently download applications and prompts the user to install them, mobile security company Lookout said on Wednesday. "Geinimi's author(s) have raised the sophistication bar significantly over and above previously observed Android malware by employing techniques to obfuscate its activities," Lookout said in a blog post on Wednesday. "In addition to using an off-the-shelf bytecode obfuscator, significant chunks of command-and-control data are encrypted. While the techniques were easily identified and failed to thwart analysis, they did substantially increase the level of effort required to analyse the malware." When an application containing the Trojan is launched on an Android device, the Trojan will run in the backgro
Gameover ZeuS Trojan Targets Users of Monster.com Employment Portal

Gameover ZeuS Trojan Targets Users of Monster.com Employment Portal

Mar 26, 2014
Zeus Trojan is one of the most popular families of Banking Trojan, which was also used in a targeted malware campaign against a Salesforce.com customer at the end of the last month and researchers found that the new variant of Zeus Trojan has web crawling capabilities that are used to grab sensitive business data from that customer's CRM instance. 'GameOver' Banking Trojan is also a variant of Zeus financial malware that spreads via phishing emails. GameOver Zeus Trojan makes fraudulent transactions from your bank once installed in your system with the capability to conduct Distributed Denial of Service, or DDoS, attack using a botnet , which involves multiple computers flooding the financial institution's server with traffic in an effort to deny legitimate users access to the site. TAREGET - EMPLOYMENT WEBSITES Now, a new variant of GameOver Zeus Trojan has been spotted, targeting users of popular employment websites with social engineering attacks , implemented t
Red Alert 2.0: New Android Banking Trojan for Sale on Hacking Forums

Red Alert 2.0: New Android Banking Trojan for Sale on Hacking Forums

Sep 19, 2017
The Recent discoveries of dangerous variants of the Android banking Trojan families, including Faketoken , Svpeng , and BankBot , present a significant threat to online users who may have their login credentials and valuable personal data stolen. Security researchers from SfyLabs have now discovered a new Android banking Trojan that is being rented on many dark websites for $500 per month, SfyLabs' researcher Han Sahin told The Hacker News. Dubbed Red Alert 2.0 , the Android banking malware has been fully written from scratch, unlike other banking trojans, such as BankBot and ExoBot, which were evolved from the leaked source code of older trojans. The Red Alert banking malware has been distributed via many online hacking forums since last few months, and its creators have continuously been updating the malware to add new functionalities in an effort to make it a dangerous threat to potential victims. Malware Blocks Incoming Calls from Banks Like most other Android b
Trojan.Milicenso Print Bomb - Printer Trojan cause massive printing

Trojan.Milicenso Print Bomb - Printer Trojan cause massive printing

Jun 22, 2012
Trojan.Milicenso - Printer Trojan cause massive printing A Trojan that sends printers crazy, making them print pages of garbled nonsense until all the paper has been used up, has seen a spike in activity.Symantec detected the Trojan.Milicenso across various countries, but the worst hit regions were the US and India followed by regions in South America and Europe, including the UK. According to a blog post published Thursday by researchers from antivirus provider Symantec, Dubbed " Trojan.Milicenso " it has been described by security researchers as a malware delivery vehicle "for hire" through its repeated use since it was first discovered in 2010. The Milicenso Trojan is actually a backdoor that is used to deliver other malware on the affected machines. The infection vectors are links and malicious attachments in unsolicited emails, as well as websites hosting malicious scripts that trigger the download of the Trojan. " Depending on the configuration, any files, including binary
Cerberus: A New Android 'Banking Malware For Rent' Emerges

Cerberus: A New Android 'Banking Malware For Rent' Emerges

Aug 13, 2019
After a few popular Android Trojans like  Anubis ,  Red Alert 2.0 ,  GM bot , and Exobot, quit their malware-as-a-service businesses, a new player has emerged on the Internet with similar capabilities to fill the gap, offering Android bot rental service to the masses. Dubbed " Cerberus ," the new remote access Trojan allows remote attackers to take total control over the infected Android devices and also comes with banking Trojan capabilities like the use of overlay attacks, SMS control, and contact list harvesting. According to the author of this malware, who is surprisingly social on Twitter and mocks security researchers and antivirus industry openly, Cerberus has been coded from scratch and doesn't re-use any code from other existing banking Trojans. The author also claimed to be using the Trojan for private operations for at least two years before renting it out for anyone interested from the past two months at $2000 for 1 month usage, $7000 for 6 months and
Fake WeChat App Targeting Android Users with Banking Trojan

Fake WeChat App Targeting Android Users with Banking Trojan

May 29, 2014
After Whatsapp, The Chinese WeChat is the second most popular messaging application and currently being targeted by cybercriminals to spread a new Banking Trojan in order to steal the financial information from its users. WeChat is a famous mobile instant messaging app developed by Chinese company Tencent, with more than 355 million users across the world. The app offers people to chit-chat with their friends and relatives, and also allows users to make payments for goods and services on WeChat. The Payment feature of the app requires users' bank account details to their messenger account and this is what tempting cybercriminals to develop new and more sophisticated banking Trojans and malwares. The security researchers at Kaspersky Lab have uncovered such banking Trojan, dubbed as Banker.AndroidOS.Basti.a, which looks exactly like the legitimate WeChat application for Android devices. While installation, it also requires the same permissions such as to access the Int
Banking Trojan Gains Ability to Steal Facebook, Twitter and Gmail Accounts

Banking Trojan Gains Ability to Steal Facebook, Twitter and Gmail Accounts

Nov 17, 2017
Security researchers have discovered a new, sophisticated form of malware based on the notorious Zeus banking Trojan that steals more than just bank account details. Dubbed Terdot, the banking Trojan has been around since mid-2016 and was initially designed to operate as a proxy to conduct man-in-the-middle (MitM) attacks, steal browsing information such as stored credit card information and login credentials and injecting HTML code into visited web pages. However, researchers at security firm Bitdefender have discovered that the banking Trojan has now been revamped with new espionage capabilities such as leveraging open-source tools for spoofing SSL certificates in order to gain access to social media and email accounts and even post on behalf of the infected user. Terdot banking trojan does this by using a highly customized man-in-the-middle (MITM) proxy that allows the malware to intercept any traffic on an infected computer. Besides this, the new variant of Terdot
Android Banking Trojan Tricks Victims into Submitting Selfie Holding their ID Card

Android Banking Trojan Tricks Victims into Submitting Selfie Holding their ID Card

Oct 15, 2016
While some payment card companies like Mastercard have switched to selfies as an alternative to passwords when verifying IDs for online payments, hackers have already started taking advantage of this new security verification methods. Researchers have discovered a new Android banking Trojan that masquerades primarily as a video plugin, like Adobe Flash Player, pornographic app, or video codec, and asks victims to send a selfie holding their ID card, according to a blog post published by McAfee. The Trojan is the most recent version of Acecard that has been labeled as one of the most dangerous Android banking Trojans known today, according to Kaspersky Lab Anti-malware Research Team. Once successfully installed, the trojan asks users for a number of device's permissions to execute the malicious code and then waits for victims to open apps, specifically those where it would make sense to request payment card information. Acecard Steals your Payment Card and Real ID det
New Banking Trojan CHAVECLOAK Targets Brazilian Users via Phishing Tactics

New Banking Trojan CHAVECLOAK Targets Brazilian Users via Phishing Tactics

Mar 11, 2024 Phishing Attack / Mobile Security
Users in Brazil are the target of a new banking trojan known as  CHAVECLOAK  that's propagated via phishing emails bearing PDF attachments. "This intricate attack involves the PDF downloading a ZIP file and subsequently utilizing DLL side-loading techniques to execute the final malware," Fortinet FortiGuard Labs researcher Cara Lin  said . The attack chain involves the use of contract-themed DocuSign lures to trick users into opening PDF files containing a button to read and sign the documents. In reality, clicking the button leads to the retrieval of an installer file from a remote link that's shortened using the Goo.su URL shortening service. Present within the installer is an executable named "Lightshot.exe" that leverages DLL side-loading to load "Lightshot.dll," which is the CHAVECLOAK malware that facilitates the theft of sensitive information. This includes gathering system metadata and running checks to determine whether the compromis
Cybersecurity Resources