A banking malware is making its way through the Americas and North America could be next. BBTok banking malware first discovered in 2020 is back on the scene with significant upgrades. One of the advancements tricks users into supplying sensitive banking information through phishing links and bogus web pages. BBTok's victim list is rapidly growing, with the threat actors suspected of being from Brazil.
One BBTok upgrade is now using fileless injection. This makes detecting the malware through antivirus and other traditional methods unlikely. As a result, fileless attacks are difficult to detect and that makes them difficult to prevent.
Capitalizing on BBTok's fileless attacks, phishing is the main way the malware finds a place to thrive. Previously, BBTok relied on email attachments for infection and has now expanded to also using phishing links. BBTok can even find potential victims by scanning their browser tabs for bank names.
One way BBTok operates so well is by duplicating the interface of over 40 Brazilian and Mexican banks. It includes fake login pages tricking customers into supplying their 2FA security codes and even sharing payment card information. From there, the next move for attackers is account takeovers, or ATOs. Once that happens, the victim is locked out of the account and all of the funds and information held there now belong to the attacker.
The best way to arm yourself against malware like BBTok is by using anti-phishing smarts.
Use a healthy dose of common sense before handing out sensitive information. An email or text from your bank or other sensitive accounts asking you to log in or provide confidential PII should always be suspect. Instead, type in the trusted web address yourself to find if it's legitimate.
- Never click on links or open attachments unless you can verify the sender is a trusted source. Links can take you to copycat websites that steal your data and attachments carry malware.
- Delete a suspect email or text without opening it. If the message looks odd in any way, don’t open it. It's better deleted than getting infected.
- Look for any sense of urgency. Hackers like to push us into acting quickly before there’s time to verify the message is legitimate or not. There is always time to take a bit to determine if is legit.
- Keep all system software, including all apps, updated as soon as they are available. Most updates include fixes for security bugs and provide the latest security patches.
New Tycoon 2FA Phishing Kit Evades MFA
Published April 22, 2024
A new upgrade to a phishing kit is getting around MFA, and that's a big security concern. Multi-Factor Authentication (MFA) is a widely used tool many of us rely on for our authentication security. The phishing kit is called "Tycoon 2FA" and it's currently stealing Microsoft 365 and Gmail email accounts. Cybersecurity experts at Sekoia.io have been following it and their report sheds light on this Phishing-as-a-Service (PaaS) kit. Tycoon 2FA is being sold on the dark web, but there is a defense and it is something we should all know how to do.
Keeping Your Bank Account And Credit Cyber-Smart
Published April 16, 2024
Financial institutions and hacking go hand-in-hand. Hacking banks and their account holders is the most direct cash infusion a hacker can get…and they know it. According to Kaspersky Lab, attacks on ATMs alone hit an all-time high in 2017 with malware-as-a-service (MAAS) opportunities. With this service, even hacking “hacks” who have no cybercrime experience can watch an instructional “how to” video on how to target an ATM successfully. Guarding our finances with common sense protection is something we all need to do.
Securing Your Online Financial Accounts – Can You Afford Not To?
Published April 6, 2024
Most of us would agree technology makes online banking a breeze. No more trips to the brick-and-mortar, parking, or waiting in line. But with that ease comes the reality that our financial accounts are vulnerable and valuable cybercrime targets. The best answer to that risk is being proactive about your online banking security. This is the first of a two-part look at steps you can take to further secure your own accounts. After all, can you afford not to?
Ransomware's 4 Favorite Entry Options And How To Counter Them
Published February 17, 2024
Studies show 41% of customers say they would stop buying from a business victim of ransomware. Attacks against small-to-medium sized businesses (SMBs) can be most catastrophic, with 65% closing their doors within six months of a ransomware attack. Ransomware is behind countless problems for businesses worldwide, including significant down-time, loss of reputation, and customers, and significant financial expense. Knowing the four most prevalent ways ransomware launches attacks is something every organization leader and IT department should know.
Hacking Gets Easier With Email Phishing Kits For Sale
Published February 11, 2024
Knowing that hackers are doing their best to make their jobs easier isn’t a comforting thought. The increased popularity of “phishing kits” and their easy availability is a growing threat to cybersecurity everywhere. Research by Cyren found over 5,000 unique phishing kits for sale, a strong indication of their growing popularity. Getting even more sophisticated and easier to use, they allow highly targeted and short-lived attacks that can devastate a victim.
