tag = "Trojan"

Dyre Banking Trojan, Tyupkin ATM Malware, iWorm Botnet and More | TWIC – October 10, 2014

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

Smash & Grab cybercrime attacks have been active since mid-June

Last week, researchers at Proofpoint reported an attack campaign, which was dubbed “Smash & Grab," targeting customers of JP Morgan Chase. Based on intelligence from the Phishlabs R.A.I.D. (Research, Analysis, and Intelligence Division), the “Smash & Grab" operations have been active since at least mid-June. The attacks use email messages to direct potential victims to a phishing page. Visitors to the phishing page are also exposed to an exploit kit that abuses software vulnerabilities to infect victims with malware.

Vulnerabilities found in Dendroid mobile Trojan

The full source code of the Dendroid Android RAT was leaked late last week. Analyzing the code has revealed multiple vulnerabilities due to lack of user input including XSS, SQLi, and PHP Code Execution.