Trojan stories

Kaspersky experts have identified a new malicious campaign targeting Linux systems, where threat actors deployed a backdoor - a type of Trojan - onto victims’ devices.

Infoblox has published a second threat report with critical updates on “Decoy Dog,” the remote access trojan (RAT) toolkit they disclosed in April 2023. 

"This attack pattern emphasises the importance for companies to implement a multi-layered cyber security strategy and to prioritise patching quickly when vulnerabilities are disclosed."

Rhreat actors are going after victims’ cryptocurrency funds using trojanised Telegram and WhatsApp applications.

Meanwhile, Emotet Trojan and Formbook Infostealer climbed the ranking taking second and third place respectively, while Education/Research remained the most targeted industry.

Zimperium has revealed details of a newly discovered Android threat campaign that has been stealing Facebook credentials from unsuspecting users since 2018.

This month saw keylogger AgentTesla take first place as the most widespread malware, impacting 7% of organisations worldwide.

Global cybersecurity company Kaspersky warns of more mobile banking attacks against Android and iOS devices in APAC.

In 2022 the number of Trojan-PSW detections increased by almost a quarter compared to the same period in 2021 to reach 4,003,323.

Researchers have discovered a sophisticated malicious cryptocurrency scheme that targets mobile devices running Android or iOS.

Formbook, Emotet, and Trickbot take the top three spots in November's list from the Check Point Software threat intelligence arm.

"We’ve seen how cybercriminals are spreading malicious files through the ad blocks in such apps, and it’s putting the users at risk."

Agent Tesla originally surfaced in 2014. It is widely available on criminal marketplaces, and continues to evolve.

Many significant cybersecurity events have occurred since the year 2000 — not every one of them ‘firsts’, but all of them correlating with a change in security behaviour or protection.

Kaspersky detected more trojans, backdoors and worms than last year, representing an overall 5.2% increase in detected malicious files year-on-year.

"We recommend that financial institutions watch these threats closely, while improving their authentication processes, boosting anti-fraud technology and threat intelligence data, and trying to understand and mitigate all risks of this new mobile RAT family.”

The malware, primarily targeting victims in Czechia and Slovakia, prioritises subterfuge through deployment of multiple techniques to avoid detection, and leans heavily on the Tor network and BitTorrent protocol to achieve its goals.

ESET researchers have discovered a trojanised Tor Browser that cybercriminals use to steal bitcoins from darknet market buyers.

Financial malware, that is malware that targets finances, cryptocurrencies and web-money services, has increased by 7% from the same period last year, according to new research from Kaspersky.

DanaBot is a Trojan written in the Delphi programming language that includes banking site web injections and stealer functions.

The malicious Chrome extension asks for elevated permissions & steals credentials from sites such as Amazon, GitHub, Live.com, My Monero, plus others.

Cybercriminals who use botnets to conduct their attacks are shifting away from single-purpose malware .

Check Point’s latest Global Threat Index reveals that Trojan malware families enter Top 10 Most Wanted Ranking; Cryptomining remains top of the list.

The attacks deliver the Trojan.Kampirs malware and appear to be carefully targeted, with significant planning behind the scenes.