VB Blog

Virus Bulletin announces platinum sponsors for VB2015

Posted by   Virus Bulletin on   Dec 16, 2014

More sponsorship opportunities available.

Read more  

VB2014 paper: Smart home appliance security and malware

Posted by   Virus Bulletin on   Dec 15, 2014

Jeongwook Oh demonstrates how to hack a Samsung smart TV.

Read more  

Virus Bulletin is hiring

Posted by   Virus Bulletin on   Dec 8, 2014

VB seeks a Perl Developer / Security Engineer.

Read more  

Conference report: VB2014

Posted by   Virus Bulletin on   Nov 28, 2014

The biggest and broadest ranging Virus Bulletin conference ever was a great success.

Read more  

VB2014 paper: Labelling spam through the analysis of protocol patterns

Posted by   Virus Bulletin on   Nov 26, 2014

What do your IP packet sizes say about whether you're a spammer?

Read more  

Detekt tool searches PCs for traces of surveillance spyware

Posted by   Virus Bulletin on   Nov 24, 2014

Second opinion essential in circumstances under which likely victims operate.

Read more  

Multi-staged, modular Regin tool enables stealthy surveillance

Posted by   Virus Bulletin on   Nov 24, 2014

Nation state likely behind campaign that goes back many years.

Read more  

VB2014 paper: Sweeping the IP space: the hunt for evil on the Internet

Posted by   Virus Bulletin on   Nov 21, 2014

Dhia Mahjoub explains how the topology of the AS graph can be used to uncover hotspots of maliciousness.

Read more  

Botconf 2014 preview

Posted by   Virus Bulletin on   Nov 21, 2014

Many VB authors and presenters to speak at second botnet-fighting conference.

Read more  

Report: VB100 comparative review on Windows 8.1

Posted by   Virus Bulletin on   Nov 20, 2014

40 out of 48 tested products earn VB100 award.

Read more  
Previous1...6162636465...215Next

Search blog

VB2017 video: Client Maximus raises the bar

At VB2017, IBM Trusteer researcher Omer Agmon, presented a 'last-minute' paper in which he analysed the Client Maximum trojan, which targets Brazilian users of online banking. Today, we release the recording of his presentation.
Brazil has long been known as a hotbed of cybercrime, but what makes the country especially unique is that a lot of this cybercrime is inwards-focused. Thus there are many malware… https://www.virusbulletin.com/blog/2018/08/vb2017-video-client-maximus-raises-bar/

MnuBot banking trojan communicates via SQL server

Researchers at IBM X-Force have discovered MnuBot, a banking trojan targeting users in Brazil, which is noteworthy for using SQL Server for command and control communication.
Researchers at IBM X-Force have discovered a new banking trojan, dubbed 'MnuBot', which is targeting Internet users in Brazil. The trojan performs tasks common to banking… https://www.virusbulletin.com/blog/2018/05/mnubot-banking-trojan-communicates-sql-server/

VB2017 video: Turning Trickbot: decoding an encrypted command-and-control channel

Trickbot, a banking trojan which appeared this year, seems to be a new, more modular, and more extensible malware descendant of the notorious Dyre botnet trojan. At VB2017, Symantec researcher Andrew Brandt presented a walkthrough of a typical Trickbot in…
Trickbot, first reported a year ago by Malwarebytes researcher Jérôme Segura as the successor of Dyre/Dyreza, has become perhaps the most important banking trojan of 2017. It is… https://www.virusbulletin.com/blog/2017/11/vb2017-video-turning-trickbot-decoding-encrypted-command-and-control-channel/

VB2016 paper: Diving into Pinkslipbot's latest campaign

Qakbot or Qbot, is a banking trojan that makes the news every once in a while and was the subject of a VB2016 paper by Intel Security researchers Sanchit Karve, Guilherme Venere and Mark Olea. In it, they provided a detailed analysis of the Pinkslipbot/Qa…
Pinkslipbot, also known as Qakbot or Qbot, is a banking trojan that makes the news every once in a while, yet never seems to get the attention of the world's Zbots and Dridexes. I… https://www.virusbulletin.com/blog/2017/06/vb2016-paper-diving-pinkslipbots-latest-campaign/

VB2016 video: Nymaim: the Untold Story

Until very recently, the Nymaim banking trojan was a serious problem in Poland. Today, we publish the video of the VB2016 presentation by CERT Polska researchers Jarosław Jedynak and Maciej Kotowicz, in which they analyse this malware-dropper-turned-banki…
Every year, the Virus Bulletin conference programme includes a number of 'last-minute' papers: presentations on topics that are so hot, they are added to the programme only a few… https://www.virusbulletin.com/blog/2017/02/vb2016-video-nymaim-untold-story/

VB2016 video: Neverquest: Crime as a Service and On the Hunt for the Big Bucks

At VB2016, Peter Kruse gave a presentation detailing the Neverquest trojan, the alleged author of which was arrested in Spain earlier this month. Today, we publish the recording of Peter's presentation.
Earlier this month, Spanish police officers arrested a Russian national on suspicion of creating the Neverquest banking trojan. Neverquest, also known as Vawtrak, is one of the… https://www.virusbulletin.com/blog/2017/01/vb2016-video-neverquest-crime-service-and-hunt-big-bucks/

VB2016 paper: Modern attacks on Russian financial institutions

Today, we publish the VB2016 paper and presentation (recording) by ESET researchers Jean-Ian Boutin and Anton Cherepanov, in which they look at sophisticated attacks against Russian financial institutions.
Today, we publish the VB2016 paper "Modern attacks on Russian financial institutions" (here in HTML format and here in PDF format) by ESET researchers Jean-Ian Boutin and Anton… https://www.virusbulletin.com/blog/2016/december/vb2016-paper-modern-attacks-russian-financial-institutions/

When it comes to online banking, sub-optimal encryption isn't our biggest concern

Malware authors and scammers won't attack the crypto.
Malware authors and scammers won't attack the crypto. Under the headline "no zero-day necessary", Xiphos has published a rather scary blog post on the state of SSL security within… https://www.virusbulletin.com/blog/2016/01/when-it-comes-online-banking-sub-optimal-encryption-isn-t-our-biggest-concern/

VB2015 video: Making a dent in Russian mobile banking phishing

Sebastian Porst explains what Google has done to protect users from phishing apps targeting Russian banks.
Sebastian Porst explains what Google has done to protect users from phishing apps targeting Russian banks. In the last few years, mobile malware has evolved from a mostly… https://www.virusbulletin.com/blog/2015/12/video-making-dent-russian-mobile-banking-phishing/

POODLE is the brown M&Ms of security

Just because it won't be exploited, doesn't mean you shouldn't patch it.
Just because it won't be exploited, doesn't mean you shouldn't patch it. There is a famous story about the rock band Van Halen whose lists of requirements when performing a show… https://www.virusbulletin.com/blog/2015/04/poodle-brown-m-amp-ms-security/

Does it matter if my banking password is 'Prague'?

Users do choose weak passwords, but they aren't as big a problem as we think.
Users do choose weak passwords, but they aren't as big a problem as we think. This week, I spent a few days at the Cyber Security Summit Financial Services conference in Prague,… https://www.virusbulletin.com/blog/2015/04/does-it-matter-if-my-banking-password-prague/

Box-ticking mentality leads to insecurity

Credit card company fails to understand how authentication works.
Credit card company fails to understand how authentication works. Security experts often bemoan a 'box-ticking' mentality and argue that in many cases ticking boxes doesn't address… https://www.virusbulletin.com/blog/2013/09/box-ticking-mentality-leads-insecurity/

Dutch citizens keep extra cash at hand following DDoS attacks

Month-long attacks had significant impact.
Month-long attacks had significant impact. 25% of Dutch citizens have followed advice to keep extra cash at home, following a recent spate of DDoS attacks on Dutch banks. At the… https://www.virusbulletin.com/blog/2013/05/dutch-citizens-keep-extra-cash-hand-following-ddos-attacks/

Trojan steals money from bank accounts via 'training session'

Social engineering circumvents banking security
Social engineering circumvents banking security In a new method of stealing money from customer accounts, a variant of the SpyEye trojan invites the user to make a supposedly… https://www.virusbulletin.com/blog/2011/09/trojan-steals-money-bank-accounts-training-session/

Bank's Twitter account hacked to send phishing messages

Important lessons for companies engaging in social media.
Important lessons for companies engaging in social media. Last week, the Twitter account of the Bank of Melbourne was hacked and used to send direct messages containing phishing… https://www.virusbulletin.com/blog/2011/09/bank-s-twitter-account-hacked-send-phishing-messages/

Banking malware tells user to 'refund' money

Web injection used to suggest accidental transfer.
Web injection used to suggest accidental transfer. In a new twist to banking trojans, a piece of malware found on German computers tricks victims into believing a large amount has… https://www.virusbulletin.com/blog/2011/08/banking-malware-tells-user-refund-money/

Trojan uses remote user account to control compromised machine

Malware targets customers of Brazilian banks.
Malware targets customers of Brazilian banks. Researchers at Kaspersky have discovered a piece of malware aimed at customers of Brazilian banks which creates a remote user account… https://www.virusbulletin.com/blog/2011/07/trojan-uses-remote-user-account-control-compromised-machine/

Zitmo trojan for Android defeats two-factor authentication

Malware intercepts TANs sent via SMS.
Malware intercepts TANs sent via SMS. A new variant of the Zitmo trojan has been discovered that infects mobile devices running the Android platform and which intercepts SMS… https://www.virusbulletin.com/blog/2011/07/zitmo-trojan-android-defeats-two-factor-authentication/

US court: passwords reasonable security for online banking

Security question considered second authentication factor.
Security question considered second authentication factor. A US court has declared that a combination of passwords and 'security questions' is an ample way for banks to protect… https://www.virusbulletin.com/blog/2011/06/us-court-passwords-reasonable-security-online-banking/

Banking malware hosted on Amazon's cloud servers

Trojan targets mostly Brazilian banks.
Trojan targets mostly Brazilian banks. Researchers have discovered malware hosted on Amazon Web Services that steals victims' bank account data. Acting as a rootkit, the malware… https://www.virusbulletin.com/blog/2011/06/banking-malware-hosted-amazon-s-cloud-servers/

« Previous 12 Next »

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.