A Deep Dive Into IcedID Malware: Part I – Unpacking, Hooking and Process Injection

IcedID is a banking trojan which performs web injection on browsers and acts as proxy to inspect and manipulate traffic. It steals information, such as credentials, from victims. It then sends that stolen information to a remote server. Recently, the FortiGuard Labs team started to investigate some IcedID samples. In this Continue Reading

Android Malware Masquerades as Banking App, Part II

New variants of android banking malware target even more German banks, popular social media apps, and more Summary In my previous blog I provided a detailed analysis of a new android banking malware that spoofed the mobile applications of several large German banks to trick users into revealing their banking Continue Reading

Android Banking Malware Masquerading as Email App Targets German Banks

Summary We recently found an Android banking malware masquerading as an email app that targets several large German banks. This banking malware is designed to steal login credentials from 15 different mobile banking apps for German banks. It also has the ability to resist anti-virus mobile apps, as well as Continue Reading

Android banking malware masquerades as Flash Player, targeting large banks and popular social media apps

Active users of mobile banking apps should be aware of a new Android banking malware campaign targeting customers of large banks in the United States, Germany, France, Australia, Turkey, Poland, and Austria. This banking malware can steal login credentials from 94 different mobile banking apps. Due to its ability to Continue Reading

New Era in Anti-Virus Detection Evasions

In the last couple of months, we wrote about the discoveries we found in Dridex, the long-lived banking Trojan that is still quite active in-the-wild. In the blog post, TL;DR, we mentioned the Trojan has equipped with new module that could be used to evade one of the anti-virus products, Continue Reading

>