Android Banking Trojan Zanubis Evolves to Target Peruvian Users
The Trojan utilizes the Obfuscapk obfuscator for Android APK files, Kaspersky explained
Coverage of Trojan malware examines reported incidents, technical analysis, infrastructure, disruption efforts, and defensive guidance for reducing cyber risk.
Search across headline titles and summaries.
Background for this topic.
A Trojan is malware that masquerades as legitimate, useful, or necessary software so a user or process runs it. “Trojan” describes a delivery or deception technique rather than one malware family; capabilities vary by sample and may include credential theft, surveillance, file manipulation, or remote access. Unlike self-propagating malware, a Trojan generally depends on being installed or executed through some other means.
Security analysis should identify the specific family and executable behavior rather than treating every Trojan as equivalent. Material concerns include untrusted software and tampered installers, execution under excessive privileges, and unauthorized persistence or access to sensitive data. Defenses include using trusted software sources and code-signature or application-control checks, limiting user privileges, monitoring endpoint process and network activity, and isolating suspected hosts. After detection, preserve relevant evidence, remove persistence, assess credential exposure, and investigate other affected systems before returning the device to normal use.
The Trojan utilizes the Obfuscapk obfuscator for Android APK files, Kaspersky explained
A new malware strain called ZenRAT has emerged in the wild that's distributed via bogus installation packages of the Bitwarden password manager
Discovered by Proofpoint, ZenRAT is a modular remote access trojan targeting Windows users
An updated version of an Android banking trojan called Xenomorph has set its sights on more than 35 financial institutions in the U.S
The Trojan had mainly been infecting banks in Europe since it first surfaced more than one year ago.
PLUS: Trojan hidden in PoC; cyber insurance surge; pig butchering's new cuts; and the week's critical vulns Infosec in brief T-Mobile has had another bad week on the infosec front – this time stemming from a system glitch that exposed customer account data, followed by allegations of another breach the carrier denied.…