Advanced Threats January 25, 2017 Anatomy of an hVNC Attack 6 min read - Cybercriminals who rely on remote control tactics to commit financial fraud may use hidden virtual network computing (hVNC) modules to cover their tracks.
Malware January 10, 2017 Client Maximus: New Remote Overlay Malware Highlights Rising Malcode Sophistication in Brazil 7 min read - IBM X-Force researchers discovered a new malware called Client Maximus that contains advanced code written specifically to attack banks in Brazil.
Advanced Threats January 4, 2017 Exposing an AV-Disabling Driver Just in Time for Lunch 8 min read - IBM X-Force researchers discovered a malicious AV-disabling driver while investigating a financial malware campaign targeting Brazilian bank accounts.
Advanced Threats November 9, 2016 Tricks of the Trade: A Deeper Look Into TrickBot’s Machinations 6 min read - Researchers discovered a new banking Trojan, TrickBot, that appears to borrow an uncommon webinjection technique from the infamous Dyre family of malware.
Malware September 2, 2016 Fighting Fire With WinDBG: Breaking URLZone’s Anti-VM Armor 10 min read - URLZone, a sophisticated banking Trojan that first emerged in 2009, keeps its inner workings under wraps with extensive anti-research features.
Advanced Threats July 12, 2016 Two Heads Are Better Than One: Going Under the Hood to Analyze GozNym 8 min read - IBM X-Force researchers recognized that the GozNym banking malware leverages features from two types of malware to make it double the threat.
Malware April 14, 2016 Meet GozNym: The Banking Malware Offspring of Gozi ISFB and Nymaim 5 min read - The new GozNym hybrid takes the best of both the Nymaim and Gozi ISFB malware to create a powerful Trojan targeting banks in the U.S. and Canada.