The malware's attack chain. (Source: Trend Micro)
Researchers from security firm Trend Micro have found a new infostealer malware strain, written in the AutoHotkey programming language, that is capable of stealing banking credentials from different web browsers.
The campaign, which began earlier this year, has been active across the U.S. and Canada and has targeted the customers of Scotia Bank, PayPal, Royal Bank of Canada, Capital One and HSBC, among other banks. “In mid-December, we discovered a campaign that distributed a credential stealer. By tracking the campaign components, we found out that its activity has been occurring since early 2020,” Trend Micro notes. “Our telemetry tracked the malware's command-and-control servers and determined that these come from the U.S., the Netherlands, and Sweden. We also learned that the malware has been targeting financial institutions in the US and Canada.”
A cybercriminal gang known as UltraRank has launched a new campaign, targeting at least a dozen e-commerce sites to steal payment card data using a JavaScript sniffer, says security firm Group-IB.
This new series of attacks, which began in November, uses a relatively new JavaScript sniffer called SnifLite, according to Group-IB. The firm’s researchers contacted all the companies affected, but as of Wednesday, eight of the targeted sites remained infected with the malicious JavaScript code, they say. “We assume that the gang will continue the infections as part of this campaign, as their operations in the past followed the same pattern of infections distributed over time,” says Viktor Okorokov, threat intelligence and attribution analyst at Group-IB.
Email is still the #1 attack vector the bad guys use. A whopping 91% of cyberattacks start with a phishing email, but email hacking is much more than phishing and launching malware! Join us as we explore 10 ways hackers use social engineering to trick your users into revealing sensitive data or enabling malicious code to run. We will also share a special treat - a (pre-recorded) hacking demo by Kevin Mitnick.
You will learn:
Why rogue documents, establishing fake relationships & getting you to compromise your ethics are so effective
Details behind clickjacking and web beacons
Actionable steps on how to defend against them all
IBM Trusteer reports that a hacking group is using mobile emulators to spoof banking customers' mobile devices and steal millions of dollars from banks in the U.S. and Europe.
Although the first wave of attacks using these mobile emulators has been stopped and the banks affected by the hacking have been notified, a second wave of attempts is likely already underway, says Limor Kessem, executive security adviser with IBM Security.
Mobile emulators, which can mimic the activities of mobile devices, typically are used by developers to test applications and features on a wide array of device types.