trojan

Rokarolla Android trojan targets banking and crypto users, enables device takeover

2026-06-17 at 16:23, by Sinisa Markovic

A newly discovered Android banking trojan, dubbed Rokarolla, targets 217 banking and cryptocurrency applications and can execute 137 commands on infected devices, according to researchers at Zimperium. Named after its command-and-control (C2) infrastructure, Rokarolla is primarily distributed through […]

OverlayPhantom: The Android Banking Trojan Hiding in Plain Sight

2026-05-27 at 09:24, by rohansinhacyblecom

Cyble Research and Intelligence Labs (CRIL) has identified a novel Android banking trojan, dubbed OverlayPhantom, actively distributed in the wild via malicious URLs. The malware employs a two-stage infection chain, using a dropper application that impersonates trusted platforms, including

GitHub-hosted malware campaign uses split payload to evade detection

2026-03-24 at 13:12, by Zeljka Zorz

A large-scale malware delivery campaign has been targeting developers, gamers, and general users through fake tools hosted on GitHub, Netskope researchers have warned. These “lures” are highly polished and appear legitimate, occasionally mimicking real projects, thus making them difficult to

Stealth in Layers: Unmasking the Loader used in Targeted Email Campaigns

2025-12-19 at 14:43, by rohansinhacyblecom

CRIL (Cyble Research and Intelligence Labs) has been tracking a sophisticated commodity loader utilized by multiple high-capability threat actors. The campaign demonstrates a high degree of regional and sectoral specificity, primarily targeting Manufacturing and Government organizations across

How Lazarus Group used fake job ads to spy on Europe’s drone and defense sector

2025-10-23 at 09:23, by Sinisa Markovic

ESET researchers have uncovered a fresh wave of Operation DreamJob, a long-running campaign linked to North Korea’s Lazarus Group. This latest activity targeted several European defense contractors, including firms deeply involved in drone and

AsyncRAT evolves as ESET tracks its most popular malware forks

2025-07-15 at 12:50, by Sinisa Markovic

AsyncRAT is an open-source remote access trojan that first appeared on GitHub in 2019. It includes a range of typical RAT capabilities, such as keylogging, screen capture, credential theft, and more. Its simplicity and open-source design have made it

Trojanized SonicWall NetExtender app exfiltrates VPN credentials

2025-06-24 at 15:00, by Zeljka Zorz

Unknown attackers have trojanized SonicWall’s SSL-VPN NetExtender application, the company warned on Monday, and have been tricking users into downloading it from a lookalike site(s?). SonicWall NetExtender is an SSL-VPN client used by companies to give remote

Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe

2025-03-28 at 12:33, by Ionut Arghire

The Grandoreiro banking trojan has reemerged in new campaigns targeting users in Latin America and Europe. This article is an excerpt from SecurityWeek.

FBI: Free file converter sites and tools deliver malware

2025-03-18 at 13:35, by Zeljka Zorz

Malware peddlers are increasingly targeting users who are searching for free file converter services (websites) and tools, the FBI’s Denver Field Office warned earlier this month. “To conduct this scheme, cyber criminals across the globe are using any type

Head Mare Group Intensifies Attacks on Russia with PhantomCore Backdoor

2024-12-10 at 16:00, by rohansinhacyblecom

On 2nd September 2024, Kaspersky released a blog about the Head Mare group, which first emerged in 2023. Head Mare is a hacktivist group targeting organizations in Russia and Belarus with the goal of causing maximum damage

Head Mare Group Intensifies Attacks on Russia with PhantomCore RAT

2024-12-10 at 15:03, by rohansinhacyblecom

On 2nd September 2024, Kaspersky released a blog about the Head Mare group, which first emerged in 2023. Head Mare is a hacktivist group targeting organizations in Russia and Belarus with the goal of causing maximum damage

Notorious Ursnif Banking Trojan Uses Stealthy Memory Execution to Avoid Detection

2024-11-25 at 18:33, by daksh sharma

CRIL recently identified an active malicious campaign utilizing a malicious LNK file as the initial infection vector, delivered within a ZIP archive, potentially through spam emails. This LNK file is cleverly disguised as a PDF,

Windows users targeted with fake human verification pages delivering malware

2024-09-19 at 17:01, by Zeljka Zorz

For a while now, security researchers have been warning about fake human verification pages tricking Windows users into inadvertently installing malware. A recently exposed campaign showed how some users end up on these pages. Beware of fake human verification

The Intricate Babylon RAT Campaign Targets Malaysian Politicians, Government

2024-09-04 at 17:01, by Cyble

Cyble Research and Intelligence Lab (CRIL) has recently discovered a campaign involving malicious ISO files, targeting political figures and government officials within Malaysia. The initial infection vector for this campaign is unclear. The ISO file is crafted with

New SOHO router malware aims for cloud accounts, internal company resources

2024-05-02 at 14:46, by Zeljka Zorz

Cuttlefish, a new malware family that targets enterprise-grade small office/home office (SOHO) routers, is used by criminals to steal account credentials / secrets for AWS, CloudFlare, Docker, BitBucket and other cloud-based services. “With the stolen key material, the

Brokewell: A New Android Banking Trojan Targeting Users In Germany

2024-04-25 at 19:32, by neetha871ad236bd

Mobile banking has become increasingly prevalent in recent years, offering users convenient access to financial services at their fingertips. However, with this convenience comes the risk of cyber threats targeting mobile devices, such as Android Banking Trojans.

The Fate of the CriminalMW Group: Endgame or a New Rebranding Journey? 

2024-02-19 at 12:46, by neetha871ad236bd

CRIL analyzes the Brazilian CriminalMW Group’s activities and their rebranding tactics. This article is an excerpt from Cyble.

iOS users beware: GoldPickaxe trojan steals your facial data

2024-02-15 at 12:16, by Help Net Security

Group-IB uncovered a new iOS trojan designed to steal users’ facial recognition data, identity documents, and intercept SMS. The trojan, dubbed GoldPickaxe.iOS by Group-IB’s Threat Intelligence unit, has been attributed to a Chinese-speaking threat actor codenamed GoldFactory, responsible for

Greenbean: Latest Android Banking Trojan Leveraging Simple RealTime Server (SRS) for C&C Communication

2024-02-01 at 08:17, by neetha871ad236bd

Cyble analyzes GreenBean, a new Android Banking Trojan leveraging Simple RealTime Server (SRS) for C&C Communication. The post appeared first on Cyble.

Uncovering The New Java-Based SAW RAT’s Infiltration Strategy via LNK files

29/11/2023 at 15:02, by cybleinc

CRIL analyzes a new Java-based RAT – SAW that infiltrates users’ systems via LNK files. This article is an excerpt from Cyble.
