Online Banking Fraud Blog

David García Dec 17, 2020 10 min read

GravityRAT Returns to Android - Android RAT

GravityRAT, as its name suggests, is a malicious software that allows its operators to obtain remote control of the infected device. This is what's known as a Remote Access Tool. This type of malware has been quite popular on desktop systems, but ...
Start Reading
David García Jul 2, 2020 1 min read

Desktop Banking Trojan

In the world of malware for Windows desktop systems, we can find multiple categories, each of which is based on what malicious activity the software presents and how it carries it out. We usually talk about "trojans" and, more specifically, "bank ...
Start Reading
David García Apr 28, 2020 11 min read

Vicious Panda: a new malware campaign exploiting coronavirus

Recently, Check Point researchers have detected malware for Windows that uses the coronavirus (COVID-19) to infect its victims. This malware campaign has been dubbed 'Vicious Panda', and its main objective is the public sector in Mongolia.
Start Reading
David García Apr 14, 2020 11 min read

Full report on Cerberus, an Android banking trojan

Cerberus is a well-known banking Trojan for Android that we already discussed in a comprehensive report on how it works in October 2019, when it began to affect Spanish and Latin American entities.
Start Reading
Alán Alcoverro Mar 31, 2020 11 min read

How to stop Remote Access Trojans

Every day, people use their laptops and phones for private tasks, such as online banking, and they input confidential or sensitive information, such as login details and passwords. Here is where Remote Access Trojans (RATs) come into play.
Start Reading
David García Aug 8, 2019 5 min read

BANKER RTC PORTAL, attacks Latin American and European banks

At buguroo we have been detecting a massive fraud campaign targeting banks in Latin America and Europe since the end of last month, July 2019. Its objective is to steal money and credentials, and it is being executed using a RAT (Remote Access ...
Start Reading
David García Jul 1, 2019 8 min read

Brazilian Trojan Guildma reaches Spain

In mid-May we detected a new Guildma campaign that affected banks in Spain, as well as different countries in Latin America and Portugal. Recently, we have continued to receive samples with small changes in the code.
Start Reading
David García Nov 21, 2017 28 min read

New banking malware in Brazil - XPCTRA RAT ANALYSIS

At the end of September 2017 an article was published about the presence of a Spy Banker malware called XPCTRA (Expectra).
Start Reading
Jose Carlos Corrales Oct 19, 2017 5 min read

RAT Protection for Banking Customers That Works

Trapping RATs to Prevent Online Banking Fraud. Frecuently, crime-as-a-service sector analyzes new ways to attack their targets in order to obtain maximum results at the lowest risk.
Start Reading