Sept 14, 2017 (MODIFIED: Oct 17, 2017)
Sara Boddy, Jesse Smith, Doron Voolf
TrickBot kicked into high gear coming into August with the most targeted URLs since its launch. It released a new worm module, shifted its focus towards the US, and soared past the one thousand target URL mark in a single configuration.
Jul 27, 2017 (MODIFIED: Sept 01, 2017)
As TrickBot evolves, we examine version 24, which heavily targets Nordic financial institutions, and we take a close look at the Dyre–TrickBot connection.
Jun 15, 2017 (MODIFIED: Aug 01, 2017)
TrickBot shows no signs of slowing down as new targets are added and command and control servers hide within web hosting providers’ networks.
Apr 07, 2017 (MODIFIED: Sept 11, 2017)
Marcher targets focused on European, Australian, and Latin American banks, along with PayPal, eBay, Facebook, WhatsApp, Viber, Gmail, and Yahoo—all in the month of March.
Feb 17, 2017 (MODIFIED: Jul 06, 2017)
The Ramnit banking Trojan continues to evolve, this time with the intent of making the malware harder to detect.
Dec 01, 2016 (MODIFIED: Jul 06, 2017)
TrickBot, the latest arrival to the banking malware scene and successor to the infamous Dyre botnet, is in constant flux.
Sept 01, 2016 (MODIFIED: Jul 06, 2017)
Elman Reyes, Doron Voolf
F5 Labs analysts discovered a target pattern in the IBAN number formats as well as weekly changes to the script injection content.
In May 2016, the F5 Security Operations Center (SOC) detected a generic form grabber and IBAN (International Bank...
Jun 17, 2016 (MODIFIED: Jul 06, 2017)
And we're watching Dridex. Here's the latest in this malware's evolution.
Apr 26, 2016 (MODIFIED: Jul 06, 2017)
Ongoing campaign analysis has revealed that Dridex malware's latest focus has strongly shifted in recent months to US banks.
Feb 25, 2016 (MODIFIED: Jul 06, 2017)
Like many other financial Trojans, the notorious Dridex malware keeps evolving and strengthening its presence.
Nov 11, 2015 (MODIFIED: Jul 06, 2017)
Dyre malware requires little introduction as it has been the focus of many publications, and it is a well-known threat.
One of the reasons for it being so infamous is the frequent changes the authors incorporate in...
Apr 30, 2015 (MODIFIED: Jul 06, 2017)
VBKlip has evolved significantly from searching for IBAN data in copy-paste functionality to MITB techniques.
Apr 12, 2015 (MODIFIED: Jul 06, 2017)
Anna Dorfman, Avi Shulman
Dyre is one of the most sophisticated banking malware agents in the wild.
Oct 15, 2014 (MODIFIED: Jul 06, 2017)
Tinba, also known as "Tinybanker", "Zusy" and "HµNT€R$", is a banking Trojan.
Get the latest application threat intelligence from F5 Labs.
Follow us on social media.