banking trojan

April 9, 2019


Gustuff banking botnet targets Australia

1 min read

Cisco Talos has uncovered a new Android-based campaign targeting Australian financial institutions. As the investigation progressed, Talos came to understand that this campaign was associated with the "ChristinaMorrow" text message...

February 20, 2019


Combing Through Brushaloader Amid Massive Detection Uptick

1 min read

Brushaloader is an evolving threat that is being actively developed and refined over time as attackers identify areas of improvement and add additional functionality. Ensure PowerShell logging is enabled and configured on endpoints.

November 8, 2018


Metamorfo Banking Trojan Keeps Its Sights on Brazil

1 min read

Cisco Talos recently identified two ongoing malware distribution campaigns being used to infect victims with banking trojans, specifically financial institutions' customers in Brazil.

September 28, 2017


Banking Trojan Attempts To Steal Brazillion$

1 min read

This post was authored by Warren Mercer, Paul Rascagneres and Vanja Svajcer. Introduction: Banking trojans are among some of the biggest threats to everyday users as they directly impact the user in terms of financial loss. Talos recently observed a new campaign specific to South America, namely Brazil. This campaign was focused on various South […]

March 30, 2015


Threat Spotlight: Dyre/Dyreza: An Analysis to Discover the DGA

12 min read

This post was authored by Alex Chiu & Angel Villegas. Overview: Banking and sensitive financial information is a highly coveted target for attackers because of the high value and obvious financial implications. In the past year, a large amount of attention has been centered on Point of Sale (PoS) malware due to its major role in […]

March 27, 2013


Thoughts on DarkSeoul: Data Sharing and Targeted Attackers

4 min read

The attacks against South Korean media and banking organizations last week severely disrupted a handful of organizations with a coordinated distribution of “wiper” malware designed to destroy data on hard drives and render them unbootable. At 14:00 KST on March 20, 2013, the wiper was triggered across three media organizations and four banks, setting off […]