Alert: Coyote Trojan Strike Compromises 61 Brazilian Banks

Financial cyberattacks pose a significant threat to the stability of global economies and the security of financial institutions. In a recent cybersecurity development, a staggering 61 banks in Brazil have fallen victim ...
macOS malware cracked software trojan

Xenomorph Android Banking Trojan Makes Landfall in US

A sophisticated Android banking trojan that was first seen last year targeting banking apps in several European countries has made its way across the Atlantic Ocean, looking to steal credentials and money ...
Security Boulevard
Alien Mobile Malware Evades Detection, Increases Targets

Alien Mobile Malware Evades Detection, Increases Targets

PhishLabs is monitoring the increasing number of mobile applications targeted by the relatively new Alien Mobile Banking Trojan. Alien, a fork of Cerberus, continues to evade Google’s malware detection and is targeting ...
Surge in ZLoader Attacks Observed

Surge in ZLoader Attacks Observed

| | banking trojan, Ransomware
PhishLabs has observed a spike in malicious emails distributing ZLoader malware. The spike is notably one of the greatest upticks for a single payload observed in a 24-hour period over the past ...
Increased Use of Mobile Banking Apps May Lead to Cyber Attacks, FBI Warns

Increased Use of Mobile Banking Apps May Lead to Cyber Attacks, FBI Warns

The Covid-19 lockdown and stay-at-home orders have changed the way we work, shop and handle our finances. As mobile banking tools become a go-to alternative for customers who continue in the struggle ...
GozNym cyberattackers sentenced in Pittsburgh and Tbilisi, Georgia

GozNym cyberattackers sentenced in Pittsburgh and Tbilisi, Georgia

The U.S. Department of Justice has announced the sentencing of three members of the network behind the GozNym cyberattacks on U.S. entities resulting in the theft of $100 million. Krasimir Nikolov, 47, ...
Active TrickBot Campaign Observed Abusing SendGrid and Google Docs

Active TrickBot Campaign Observed Abusing SendGrid and Google Docs

| | banking trojan, TrickBot
PhishLabs has observed an active TrickBot campaign targeting the employees of multiple organizations. Trickbot is a sophisticated successor of the Dyre Banking Trojan. It uses an intricate network of command and control ...
TrickBot: New Injects, New Host

TrickBot: New Injects, New Host

What’s in the Name: Call it IcedID or TrickBot? Tell that to a security researcher (Arsh Arora in this case) and watch them RANT(Gar-note: today's blog post is a guest blog from ...
$100M ‘GozNym’ Bank Trojan Gang: 6 Arrested, 5 at Large

$100M ‘GozNym’ Bank Trojan Gang: 6 Arrested, 5 at Large

These five handsome specimens are wanted for alleged conspiracy to steal $100 million from bank accounts. Six others are in custody after a coordinated operation by European and U.S. law enforcement ...
Security Boulevard
We will walk through the script to find interesting patterns and deobfuscate the code.

Emotet: Catch Me If You Can (Part 2 of 3)

Emotet is a highly modular banking Trojan that has a proper decision tree-based algorithm to perform designated tasks. Due to Emotet’s capability to deliver obfuscated payloads and extend its capabilities through self-upgradable ...