VB Migration

Tag: banking

  • VB2017 video: Client Maximus raises the bar

    Brazil has long been known as a hotbed of cybercrime, but what makes the country especially unique is that a lot of this cybercrime is inwards-focused. Thus there are many malware strains written explicitly to target the country. One of them is Client Maximus, a banking trojan discovered in 2017 by researchers from IBM Trusteer…

  • VB2017 video: Client Maximus raises the bar

    Brazil has long been known as a hotbed of cybercrime, but what makes the country especially unique is that a lot of this cybercrime is inwards-focused. Thus there are many malware strains written explicitly to target the country. One of them is Client Maximus, a banking trojan discovered in 2017 by researchers from IBM Trusteer…

  • MnuBot banking trojan communicates via SQL server

    Researchers at IBM X-Force have discovered a new banking trojan, dubbed ‘MnuBot’, which is targeting Internet users in Brazil. The trojan performs tasks common to banking malware, such as logging keystrokes, creating screenshots and overlaying the bank’s website with an invisible form. What is most noticeable, though, is the use of a Microsoft SQL server…

  • MnuBot banking trojan communicates via SQL server

    Researchers at IBM X-Force have discovered a new banking trojan, dubbed ‘MnuBot’, which is targeting Internet users in Brazil. The trojan performs tasks common to banking malware, such as logging keystrokes, creating screenshots and overlaying the bank’s website with an invisible form. What is most noticeable, though, is the use of a Microsoft SQL server…

  • VB2017 video: Turning Trickbot: decoding an encrypted command-and-control channel

    Trickbot, first reported a year ago by Malwarebytes researcher Jérôme Segura as the successor of Dyre/Dyreza, has become perhaps the most important banking trojan of 2017. It is known for its regular updates, with its use of SMB for lateral movement particularly noteworthy. Symantec ‘s Director of Threat Research Andrew Brandt is one of many…

  • VB2017 video: Turning Trickbot: decoding an encrypted command-and-control channel

    Trickbot, first reported a year ago by Malwarebytes researcher Jérôme Segura as the successor of Dyre/Dyreza, has become perhaps the most important banking trojan of 2017. It is known for its regular updates, with its use of SMB for lateral movement particularly noteworthy. Symantec ‘s Director of Threat Research Andrew Brandt is one of many…

  • VB2016 paper: Diving into Pinkslipbot’s latest campaign

    Pinkslipbot, also known as Qakbot or Qbot, is a banking trojan that makes the news every once in a while, yet never seems to get the attention of the world’s Zbots and Dridexes. I looked at the malware myself three years ago , but since then it has been updated several times, the most recent…

  • VB2016 paper: Diving into Pinkslipbot’s latest campaign

    Pinkslipbot, also known as Qakbot or Qbot, is a banking trojan that makes the news every once in a while, yet never seems to get the attention of the world’s Zbots and Dridexes. I looked at the malware myself three years ago , but since then it has been updated several times, the most recent…

  • VB2016 video: Nymaim: the Untold Story

    Every year, the Virus Bulletin conference programme includes a number of ‘last-minute’ papers: presentations on topics that are so hot, they are added to the programme only a few weeks before the start of the conference. While the short time frame means there isn’t enough time to add an accompanying written paper to the conference…

  • VB2016 video: Nymaim: the Untold Story

    Every year, the Virus Bulletin conference programme includes a number of ‘last-minute’ papers: presentations on topics that are so hot, they are added to the programme only a few weeks before the start of the conference. While the short time frame means there isn’t enough time to add an accompanying written paper to the conference…