On July 27, 2017, in coordination with Luciano Martins, Director of Cyber Risk Services at Deloitte, Flashpoint observed a new version – “1000029” – of the formidable “Trickbot” banking Trojan with a new “worm64Dll” module, spread via the email spam vector, impersonating invoices from a large international financial institution.
Once a user has been phished, how long does it take for the phishers to misuse the stolen credentials? To discover the answer to that question and many others, Imperva researchers went undercover by creating 90 personal online accounts, including email and file sharing accounts with Google and Dropbox. Once the so-called honey pot accounts were active, the researchers deployed techniques to lure in the...
Read More
It’s normal for Android apps to download plugins. The main application might just be a “view folder” while plugins provide much of the functionality. It’s not so normal when one of those plugins tries to steal your SMS messages.
Kaspersky Lab analysts managed to detect a malicious program for Windows that was apparently created by the same group responsible for SambaCry. It was the common C&C server that both programs used – cl.ezreal.space:20480 – that suggested a relationship between them. Kaspersky Lab products detect the new malicious program as Backdoor.Win32.CowerSnail.
A wide variety of threat actors began distributing HawkEye malware through high-volume email campaigns after it became available for purchase via a public-facing website. The actors behind the phishing campaigns typically used email themes based on current events and media reports that would pique user interests, with the “Subject” line typically containing something about recent news. Although HawkEye malware has several different capabilities, it is...
Read More