Viruslist News

  • Future attack scenarios against ATM authentication systems


    The report comprises two papers in which we analyze all existing methods of authentication used in ATMs and those expected to be used in the near future, including contactless authentication through NFC, one-time password authentication and biometric authentication systems, as well as potential attack vectors, from malware through to network attacks and attacks on hardware components.
  • The banker that can steal anything


    The use of root privileges is not typical for banking malware attacks, because money can be stolen in numerous other ways that don't require exclusive rights. However, in early February 2016, Kaspersky Lab discovered Trojan-Banker.AndroidOS.Tordow.a, whose creators decided that root privileges would come in handy.
  • Fooling the ‘Smart City’


    The concept of a smart city brings together many modern technologies and solutions. Smart city infrastructures develop faster than security tools do, leaving ample room for the activities of both curious researchers and cybercriminals.
  • Rooting Pokémons in Google Play Store


    A few days ago we reported to Google the existence of a new malicious app in the Google Play Store. The Trojan presented itself as the "Guide for Pokémon Go". According to the Google Play Store it has been downloaded more than 500,000 times.
  • Gugi: from an SMS Trojan to a Mobile-Banking Trojan


    In the previous article, we described the mechanisms used by Trojan-Banker.AndroidOS.Gugi.c to bypass a number of new Android 6 security features. In this article, we review the entire Gugi mobile-banking Trojan family in more detail.
  • A malicious pairing of cryptor and stealer


    After a successful infection, RAA executes its main task, i.e. encrypts the user's files. However, it doesn't stop there: some versions of RAA also include a Pony Trojan file, which steals confidential information from the infected computer.
  • The Missing Piece – Sophisticated OS X Backdoor Discovered


    Back in January this year we found a new family of cross-platform backdoors for desktop environments. After the discovery of the binaries for Linux and Windows systems, we have now finally come across the OS X version of Mokes.A.
  • Banking Trojan, Gugi, evolves to bypass Android 6 protection


    We have found a new modification of the mobile banking Trojan, Trojan-Banker.AndroidOS.Gugi.c, that can bypass two new security features added in Android 6: permission-based app overlays and a dynamic permission requirement for dangerous in-app activities such as SMS or calls. The modification does not use any vulnerabilities, just social engineering.
  • How Trojans manipulate Google Play


    It is far from easy for an app to get into Google Play. Some malware writers have given up their efforts to push their malicious creations past security checks, and have instead learned how to use the store’s client app in their dark business.
  • The Hunt for Lurk


    In June 2016, the Russian police arrested the alleged members of the criminal group known as Lurk. The police suspected Lurk of stealing nearly three billion rubles. The story of Lurk gives some idea of the amount of work that has to be done to obtain enough evidence to arrest and prosecute suspects.
