New Rust Based VENON Malware Steals Banking Credentials

A new banking malware called VENON targets Windows computers.
The malware works similarly to other banking trojans like Grandoreiro,
Mekotio and Coyote.

Pulse ID: 69b5d746268d5e99c53cd2b9
Pulse Link: https://otx.alienvault.com/pulse/69b5d746268d5e99c53cd2b9
Pulse Author: cryptocti
Created: 2026-03-14 21:46:46

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Bank #BankingTrojan #Coyote #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #Rust #Trojan #Windows #bot #cryptocti

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange

BeatBanker: both banker and miner for Android

BeatBanker is a sophisticated Android malware campaign targeting Brazil. It spreads through phishing attacks using a fake Google Play Store website. The malware combines a cryptocurrency miner and a banking Trojan capable of hijacking devices and overlaying screens. It employs creative persistence mechanisms, including playing an inaudible audio loop. BeatBanker monitors device status, disguises itself as legitimate apps, and targets cryptocurrency transactions on Binance and Trust Wallet. Recent variants have replaced the banking module with the BTMOB remote administration tool, expanding its capabilities. The threat demonstrates advanced evasion techniques, uses Firebase Cloud Messaging for command and control, and targets multiple browsers for data collection. Victims are primarily located in Brazil, with some samples spreading via WhatsApp.

Pulse ID: 69b00dee760ddbc37285d8c3
Pulse Link: https://otx.alienvault.com/pulse/69b00dee760ddbc37285d8c3
Pulse Author: AlienVault
Created: 2026-03-10 12:26:22

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Android #Bank #BankingTrojan #Binance #Brazil #Browser #Cloud #CyberSecurity #ELF #Google #GooglePlay #InfoSec #Malware #OTX #OpenThreatExchange #Phishing #RAT #Rust #SMS #Trojan #WhatsApp #bot #cryptocurrency #AlienVault

When your IPTV app terminates your savings

A new Android banking Trojan named Massiv has been discovered, posing a significant threat to mobile banking users. This malware allows remote control of infected devices and enables Device Takeover attacks, leading to fraudulent transactions from victims' accounts. Massiv is distributed through side-loading, often masquerading as IPTV applications. It features overlay functionality, keylogging, and SMS/Push message interception to steal sensitive data. The malware has targeted government applications and digital identity wallets, particularly in Portugal. Massiv supports screen streaming and UI-tree modes for remote control, bypassing screen capture protections. The trend of malware masquerading as IPTV apps is increasing, exploiting users' willingness to install from unofficial sources.

Pulse ID: 6996ee4320c952e1066ff964
Pulse Link: https://otx.alienvault.com/pulse/6996ee4320c952e1066ff964
Pulse Author: AlienVault
Created: 2026-02-19 11:04:35

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Android #Bank #BankingTrojan #CyberSecurity #Government #InfoSec #Malware #MobileBanking #OTX #OpenThreatExchange #Portugal #RCE #SMS #Trojan #bot #AlienVault

🚨 Alert: The new #EternidadeStealer is using WhatsApp to spread malicious files to steal banking and crypto data from users. Watch out and don’t open unexpected attachments, plus verify messages from contacts.

Read: https://hackread.com/eternidade-stealer-whatsapp-steal-banking-data/

#CyberSecurity #Malware #WhatsApp #BankingTrojan #InfoSec

New Eternidade Stealer Uses WhatsApp to Steal Banking Data

📰 Herodotus Android Malware Mimics Human Typing to Bypass Biometric Security

🤖 New "Herodotus" Android banking trojan mimics human typing to bypass biometric security! Sold as MaaS, it takes over devices to steal from banking & crypto apps. Active in Italy & Brazil. #Android #Malware #BankingTrojan #MobileSecurity

🔗 https://cyber.netsecops.io/articles/herodotus-android-malware-mimics-human-typing-to-evade-detection/?utm_source=mastodon&utm_medium=social&utm_campaign=twitter_auto

Herodotus Android Malware Mimics Human Typing to Bypass Biometric Security

The Herodotus Android banking trojan, a new MaaS offering, evades behavioral biometric detection by mimicking human typing patterns to conduct fraudulent transactions.

CyberNetSec.io

Android malware alert: Mobdro Pro IP TV + VPN installs Klopatra banking Trojan, compromising devices and banking credentials.

More info: https://www.technadu.com/fake-vpn-spreads-malware-targeting-android-banking-accounts/611164/

#AndroidSecurity #CyberSecurity #BankingTrojan #MobileSecurity #VPN #TechNadu

ERMAC V3.0's source code leak reveals a crafty banking trojan overlaying fake forms on trusted apps—and its glaring vulnerabilities could reshape cyber defenses. How safe are your apps?

https://thedefendopsdiaries.com/unveiling-ermac-v30-a-deep-dive-into-the-android-malware-source-code-leak/

#ermacv3
#androidmalware
#cybersecurity
#bankingtrojan
#malwareanalysis

Unveiling ERMAC V3.0: A Deep Dive into the Android Malware Source Code Leak

Explore the ERMAC V3.0 Android malware leak, revealing its sophisticated banking trojan tactics and infrastructure vulnerabilities.

The DefendOps Diaries

Mekotio banking trojan resurges in Latin America, targeting financial systems. Delivered via phishing emails, it steals banking credentials, captures screenshots, logs keystrokes, and maintains persistence. Primarily affecting Brazil, Chile, Mexico, Spain, and Peru, Mekotio employs sophisticated social engineering tactics. Users should practice email security and verify sender identities to mitigate risks.

#Mekotio #BankingTrojan #CyberSecurity #PhishingAttacks #FinancialFraud #GeneratedByAI

https://www.trendmicro.com/en_us/research/24/g/mekotio-banking-trojan.html

Mekotio Banking Trojan Threatens Financial Systems in Latin America

We’ve recently seen a surge in attacks involving the Mekotio banking trojan. In this blog entry, we'll provide an overview of the trojan and what it does.

Trend Micro

Grandoreiro Banking Trojan Resurfaces, Targeting Over 1,500 Banks Worldwide

Grandoreiro banking trojan is back, targeting 1,500+ banks in 60+ countries. It now uses infected Outlook to spread phishing emails.

The Hacker News