Android Banking Malware Masquerading as Email App Targets German Banks

Summary: We recently found an Android banking malware masquerading as an email app that targets several large German banks. This banking malware is designed to steal login credentials from 15 different mobile banking apps for German banks. It also has the ability to resist anti-virus mobile apps, as well as ...

A Peek into BlackMoon’s Sustained Attacks against South Korea

A few months ago, we talked about a malicious campaign targeting South Korean users with malware known as BlackMoon. BlackMoon is a banking Trojan that installs a proxy auto-config (PAC) file on an infected system in order to redirect users’ browsers to phishing pages related to ...

Buggy Russian Ransomware Inadvertently Allows Free Decryption 

Fortinet recently encountered a new ransomware variant that targets a Russian-speaking audience. The file is hosted on a Russian file hosting site, and is likely propagated via drive-by download. It encrypts files and appends the crypt38 extension to them. The malware author asks for 1000 Rubles (around $15 USD) and ...