The PhishLabs Blog

Marcher Android Malware Increases its Geographic Reach

Posted by Joshua Shilko on Jun 23, '16

Earlier this year, PhishLabs wrote an in-depth analysis on Marcher, an Android Banking Trojan which is available for purchase as a kit on underground marketplaces. Marcher runs in the background on an infected device and monitors its operation to detect the launch of specific applications or websites. When a targeted application or site is opened, Marcher overlays the screen with a customized phishing site which mimics the look and feel of the targeted institution. Recent samples of Marcher have demonstrated an increase in total number of targeted institutions as well as a spread to additional geographic locations.

Read More

Topics: Malware, Android, marcher

Android.Trojan.Marcher - Conclusion


About Parts One and Two

This post is a conclusion to a three-part blog analyzing "Marcher" malware that targets the Android platform. Read part one here and part two here.  To round out the discussion, let’s cover the network and host indicators associated with this trojan.
Read More

Topics: Phishing, Malware, Threat Intelligence, Android, Banking Trojan

Android.Trojan.Marcher - Part Two


About Part One

Last week I posted a blog analyzing "Marcher" - malware targeting the Android platform. Designed to steal mobile banking app credentials from banking customers, it is one of the most prevalent Android password stealers seen in the wild. Read part one here.

Read More

Topics: Malware, Trojan, Android, Banking Trojan

Android.Trojan.Marcher


Part 1 of 3

"Marcher" is malware targeting the Android platform. It is designed to steal mobile banking app credentials from customers of many different financial institutions. Distributed through a variety of means, it is one of the most prevalent Android password stealers seen in the wild, second only to Svpeng.

Read More

Topics: Malware, Trojan, Android

Texting Malware, PoS System Targeting, Sniper Rifle Hack, and more | TWIC - July 31, 2015

Posted by Lindsey Havens on Jul 31, '15

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

Read More

Topics: Phishing, Vulnerability, Hacker Tools, The Week in Cybercrime, Phone Fraud, Android, POS Attacks, Hacked, Patch, iOS

JP Morgan Arrests, Android Malware, Healthcare Threats, and more | TWIC - July 24, 2015

Posted by Lindsey Havens on Jul 24, '15

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

Read More

Topics: Phishing, Malware, Hacker Tools, The Week in Cybercrime, Phone Fraud, Account Takeover, Android, Hacked, Patch, Arrests

Flash Player Patches, Darkode Takedown, Disguised CryptoWalls, and more | TWIC - July 17, 2015

Posted by Lindsey Havens on Jul 17, '15

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

Read More

Topics: Phishing, DDoS, Exploit, Adobe, The Week in Cybercrime, Account Takeover, Android, Hacked, Patch, Arrests

WordPress Vulnerability, AT&T Insider Breach, Crypto-ransomware and more | TWIC - April 10, 2015

Posted by Lindsey Havens on Apr 10, '15

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

Read More

Topics: The Week in Cybercrime, Crimeware, Android, Data Breach, Ransomware

Revolution Crimeware, Hosting Companies Hacked, Dyre Targets Enterprises and more | TWIC - April 3, 2015

Posted by Lindsey Havens on Apr 3, '15

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

Read More

Topics: Malware, DDoS, The Week in Cybercrime, Crimeware, Android, Dyre Banking Trojan, Spear Phishing

Community Banks Targeted, Hotel WiFi Vulnerability, DDoS Trends and more | TWIC - March 27, 2015

Posted by Lindsey Havens on Mar 27, '15

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

Read More

Topics: Phishing, Malware, DDoS, Vulnerability, The Week in Cybercrime, Android, Ransomware

   

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Upcoming Events

Calendar_Mock_