Our latest banking malware analysis

Eventbot is the most recent banking trojan for Android and one we looked at recently in a detailed report explaining its operation and the new features it deploys compared to other bankers for Android.

QakBot is a banking Trojan that is considered to be the updated version of the banking Trojan known as QBot. QBot was detected in 2009 and ten years later, in early 2019, Varonis researchers found a new variant of the malware that is currently known as QakBot.

In these times of pandemic, when we’ve all been on lockdown to stop the spread of COVID-19, malware developers are experiencing what is probably one of their busiest periods.

The initial cases have affected banks in the UK, Italy and Spain, although it is likely that banks from other European countries will soon be added to this list.

Recently, Check Point researchers have detected malware for Windows that uses the coronavirus (COVID-19) to infect its victims. This malware campaign has been dubbed 'Vicious Panda', and its main objective is the public sector in Mongolia.

Recently, Check Point researchers have detected malware for Windows that uses the coronavirus (COVID-19) to infect its victims. This malware campaign has been dubbed 'Vicious Panda', and its main objective is the public sector in Mongolia.

The BasBanke banking Trojan, also known as Coybot, is a Brazilian Trojan that we have already discussed in one of our posts.

Cerberus is a well-known banking Trojan for Android that we already discussed in a comprehensive report on how it works in October 2019, when it began to affect Spanish and Latin American entities.

In recent weeks there have been several samples detected of 'Faketoken', a banking Trojan for Android first detected in 2014. These samples would be using infected devices to send spam or phishing SMS messages for propagation. Due to this message sending activity, often to foreign numbers, users infected with Faketoken trojan suffer from an increase in their telephone bills.

According to Forrester, ransomware attacks grew 500% in 2019 compared to 2018. However, in addition to the increase in these types of attack, the presence of malware to undermine cryptocurrencies (29% more) and attacks on IoT devices (10% more) grew also. Such attacks are becoming more and more profitable and, above all, more simple technically than attacks using banking malware.