Latest Banking Trojan news

New Medusa malware variants target Android users in seven countries

The Medusa banking trojan for Android has re-emerged after almost a year of keeping a lower profile in campaigns targeting France, Italy, the United States, Canada, Spain, the United Kingdom, and Turkey.
- Bill Toulas
- June 25, 2024
- 01:02 PM
- 0
Over 90 malicious Android apps with 5.5M installs found on Google Play

Over 90 malicious Android apps were found installed over 5.5 million times through Google Play to deliver malware and adware, with the Anatsa banking trojan seeing a recent surge in activity.
- Bill Toulas
- May 28, 2024
- 05:48 PM
- 7
Banking malware Grandoreiro returns after police disruption

The banking trojan "Grandoreiro" is spreading in a large-scale phishing campaign in over 60 countries, targeting customer accounts of roughly 1,500 banks.
- Bill Toulas
- May 18, 2024
- 10:12 AM
- 0
Finland warns of Android malware attacks breaching bank accounts

Finland's Transport and Communications Agency (Traficom) has issued a warning about an ongoing Android malware campaign targeting banking accounts.
- Bill Toulas
- May 05, 2024
- 10:19 AM
- 0
New Brokewell malware takes over Android devices, steals data

Security researchers have discovered a new Android banking trojan they named Brokewell that can capture every event on the device, from touches and information displayed to text input and the applications the user launches.
- Bill Toulas
- April 25, 2024
- 06:00 AM
- 2
SoumniBot malware exploits Android bugs to evade detection

A new Android banking malware named 'SoumniBot' is using a less common obfuscation approach by exploiting weaknesses in the Android manifest extraction and parsing procedure.
- Bill Toulas
- April 17, 2024
- 05:38 PM
- 0
Vultur banking malware for Android poses as McAfee Security app

Security researchers found a new version of the Vultur banking trojan for Android that includes more advanced remote control capabilities and an improved evasion mechanism.
- Bill Toulas
- March 30, 2024
- 11:56 AM
- 0
PixPirate Android malware uses new tactic to hide on phones

The latest version of the PixPirate banking trojan for Android employs a previously unseen method to hide from the victim while remaining active on the infected device even if its dropper app has been removed.
- Bill Toulas
- March 13, 2024
- 02:13 PM
- 1
Hackers abuse Google Cloud Run in massive banking trojan campaign

Security researchers are warning of hackers abusing the Google Cloud Run service to distribute massive volumes of banking trojans like Astaroth, Mekotio, and Ousaban.
- Bill Toulas
- February 21, 2024
- 04:07 PM
- 0
Anatsa Android malware downloaded 150,000 times via Google Play

The Anatsa banking trojan has been targeting users in Europe by infecting Android devices through malware droppers hosted on Google Play.
- Bill Toulas
- February 19, 2024
- 08:34 AM
- 1
New ‘Gold Pickaxe’ Android, iOS malware steals your face for fraud

A new iOS and Android trojan named 'GoldPickaxe' employs a social engineering scheme to trick victims into scanning their faces and ID documents, which are believed to be used to generate deepfakes for unauthorized banking access.
- Bill Toulas
- February 15, 2024
- 03:00 AM
- 2
Police disrupt Grandoreiro banking malware operation, make arrests

The Federal Police of Brazil and cybersecurity researchers have disrupted the Grandoreiro banking malware operation, which has been targeting Spanish-speaking countries with financial fraud since 2017.
- Bill Toulas
- January 30, 2024
- 10:46 AM
- 0
Ten new Android banking trojans targeted 985 bank apps in 2023

This year has seen the emergence of ten new Android banking malware families, which collectively target 985 bank and fintech/trading apps from financial institutes across 61 countries.
- Bill Toulas
- December 14, 2023
- 02:40 PM
- 0
FjordPhantom Android malware uses virtualization to evade detection

A new Android malware named FjordPhantom has been discovered using virtualization to run malicious code in a container and evade detection.
- Bill Toulas
- November 30, 2023
- 09:00 AM
- 0
Android malware Xenomorph runs new campaign targeting the U.S.

After several months of operational hiatus, Xenomorph Android malware has launched a new campaign that targets users in the United States, Canada, Spain, Italy, Portugal, and Belgium.
- Bill Toulas
- September 25, 2023
- 11:24 AM
- 0
New Android MMRat malware uses Protobuf protocol to steal your data

A novel Android banking malware named MMRat utilizes a rarely used communication method, protobuf data serialization, to more efficiently steal data from compromised devices.
- Bill Toulas
- August 29, 2023
- 02:04 PM
- 0
Anatsa Android trojan now steals banking info from users in US, UK

A new mobile malware campaign since March 2023 pushes the Android banking trojan 'Anatsa' to online banking customers in the U.S., the U.K., Germany, Austria, and Switzerland.
- Bill Toulas
- June 26, 2023
- 01:21 PM
- 1
New Horabot campaign takes over victim's Gmail, Outlook accounts

A previously unknown campaign involving the Horabot botnet malware has targeted Spanish-speaking users in Latin America since at least November 2020, infecting them with a banking trojan and spam tool.
- Bill Toulas
- June 01, 2023
- 04:54 PM
- 1
Xenomorph Android malware now steals data from 400 banks

The Xenomorph Android malware has released a new version that adds significant capabilities to conduct malicious attacks, including a new automated transfer system (ATS) framework and the ability to steal credentials for 400 banks.
- Bill Toulas
- March 10, 2023
- 05:24 AM
- 0
Over 1,800 Android phishing forms for sale on cybercrime market

A threat actor named InTheBox is promoting on Russian cybercrime forums an inventory of 1,894 web injects (overlays of phishing windows) for stealing credentials and sensitive data from banking, cryptocurrency exchange, and e-commerce apps
- Bill Toulas
- February 01, 2023
- 05:30 PM
- 0