Brazilian Banking Trojan Ousaban Targets Spain and Portugal
FortiGuard says the Brazilian banking trojan Ousaban is targeting Spain and Portugal via phishing
Coverage of Trojan malware examines reported incidents, technical analysis, infrastructure, disruption efforts, and defensive guidance for reducing cyber risk.
Search across headline titles and summaries.
Background for this topic.
A Trojan is malware that masquerades as legitimate, useful, or necessary software so a user or process runs it. “Trojan” describes a delivery or deception technique rather than one malware family; capabilities vary by sample and may include credential theft, surveillance, file manipulation, or remote access. Unlike self-propagating malware, a Trojan generally depends on being installed or executed through some other means.
Security analysis should identify the specific family and executable behavior rather than treating every Trojan as equivalent. Material concerns include untrusted software and tampered installers, execution under excessive privileges, and unauthorized persistence or access to sensitive data. Defenses include using trusted software sources and code-signature or application-control checks, limiting user privileges, monitoring endpoint process and network activity, and isolating suspected hosts. After detection, preserve relevant evidence, remove persistence, assess credential exposure, and investigate other affected systems before returning the device to normal use.
Weekly headline count for the current query.
FortiGuard says the Brazilian banking trojan Ousaban is targeting Spain and Portugal via phishing
Rokarolla Android trojan steals banking logins and spies on victims while blocking fraud alerts
MaaS trojan SilabRAT uses HVNC and browser cloning to hijack sessions and steal crypto
ThreatFabric finds new TrickMo Android banking trojan variant routing C2 through The Open Network
Security researchers warn of Mirax, an emerging Android banking trojan using MaaS, remote access and residential proxies to target European users
STX RAT, a newly identified remote access trojan, attempted deployment in finance, showing advanced C2 and stealthy delivery methods
PixRevolution Android trojan hijacks Brazil’s PIX payments in real time using accessibility abuse
Trustwave SpiderLabs has observed new banking Trojan Eternidade Stealer targeting Brazil using WhatsApp for propagation and data theft
A global law enforcement operation has taken down the Rhadamanthys infostealer, VenomRAT trojan and the Elysium botnet
Vietnamese phishing campaign evolves from Python infostealer to PureRAT trojan
A new version of the Hook Android banking Trojan features 107 remote commands, including ransomware overlays
The DoubleTrouble Android banking Trojan has evolved, using Discord for delivery and introducing several new features
Python RAT PylangGhost, linked to Famous Chollima, targeted crypto professionals via fake job sites
A new Android malware campaign uses fake Google Play pages to distribute the SpyNote Trojan
APT36 evolved its remote access trojan, ElizaRAT, along with introducing a new stealer payload called ApoloStealer
The sophisticate campaign, ErrorFather, employs keylogging, virtual networks and a domain generation algorithm to target Android users
Trend Micro said the trojan has been observed masquerading as communications from tax agencies
Cleafy identified five different botnets operated by affiliates, each targeting different geographical areas
The group has been observed exploiting vulnerabilities through SQL injection attacks since 2022
Researchers from Zscaler ThreatLabz observed an uptick in the TeaBot Andoird banking Trojan, also known as Anatsa