VB Migration

Tag: vawtrak

  • VB2016 video: Neverquest: Crime as a Service and On the Hunt for the Big Bucks

    Earlier this month, Spanish police officers arrested a Russian national on suspicion of creating the Neverquest banking trojan. Neverquest, also known as Vawtrak, is one of the most prevalent banking trojans of the moment, so while the arrest might not have a significant impact on cybercrime overall, it is good news: it sends the important message…

  • VB2016 video: Neverquest: Crime as a Service and On the Hunt for the Big Bucks

    Earlier this month, Spanish police officers arrested a Russian national on suspicion of creating the Neverquest banking trojan. Neverquest, also known as Vawtrak, is one of the most prevalent banking trojans of the moment, so while the arrest might not have a significant impact on cybercrime overall, it is good news: it sends the important message…

  • Vawtrak uses Tor2Web to connect to Tor hidden C&C servers

    Option hides the servers, without having to include a Tor client in the malware. The authors of the Vawtrak trojan (also known as Neverquest) have moved some of its C&C servers to Tor hidden services and made the malware use Tor2Web to connect to them, Fortinet researcher Raul Alvarez writes . The use of hidden…

  • Vawtrak trojan spread through malicious Office macros

    Users easily tricked, but plenty of opportunity for the malware to be blocked. Researchers at Trend Micro report that the ‘Vawtrak’ banking trojan now also spreads through Office macros, embedded in documents that are attached to spam emails. Vawtrak rose to prominence late last year, when it broadened its scope from targeting Japanese banking users…

  • Low VirusTotal detection rates for new malware, do they matter?

    It is not as important as is often suggested — and doesn’t mean the malware is allowed to execute. It is fairly common these days for security researchers to write about new malware attacks and point to low anti-virus detection rates when the affected sample is uploaded to VirusTotal ‘s multi-AV scanning service. But do…

  • Paper: Nesting doll: unwrapping Vawtrak

    Raul Alvarez unwraps the many layers of an increasingly prevalent banking trojan. Banking trojans remain one of the most prevalent kinds of malware. Among them, trojans based on Zeus have long been the most prevalent, but in recent months a relatively new trojan has been challenging the reign of Zeus: Vawtrak. Also known as Neverquest…