Recent Posts

Recent Blog Posts

The PhishLabs Blog

RedAlert2 Mobile Banking Trojan Actively Updating Its Techniques

Posted by Joshua Shilko on Sep 25, '17

RedAlert2, an Android banking Trojan, has received a significant amount of attention since first noted last week (read more in this article by Bleeping Computer). The high level of interest in this Trojan is due to the fact that the code base appears to be completely new and the Trojan itself includes some unique functionality.  The PhishLabs Research, Analysis, and Intelligence Division (R.A.I.D.) recently identified a new sample which exhibits changed tactics, techniques, and procedures relative to previous samples. We’ll review some of the interesting features of RedAlert2 before identifying the changes observed in the most recent sample.

Read More

Topics: Android, Banking Trojan, Mobile Crimeware

BankBot Continues Its Evolution as AgressiveX AndroBot

Posted by Joshua Shilko on Sep 5, '17

PhishLabs researchers recently came across BankBot Android Banking Trojan samples which have a redesigned Administration Panel and new URL paths in their C2 infrastructure. The actor may be customizing BankBot to his or her liking, or perhaps re-packaging the leaked software for sale under another name. The use of the branded domain, agressivex[.]com, supports the latter. The new panel login screen is displayed below next to a more typical BankBot Maza-in panel. 

Read More

Topics: Mobile Crimeware

Marcher and Other Mobile Threats: What You Need to Know

Posted by Joshua Shilko on May 26, '17

When most people think about cyber risk, they think primarily of their organization’s servers, PCs, and laptops, and how they might be vulnerable to attack.

But in recent years, the way in which users interact with the outside world has changed. In March this year, for the first time ever, Android overtook Windows to claim the largest share of Internet traffic.

And naturally, where users go, threat actors will surely follow.

Read More

Topics: Mobile, Rogue Mobile Applications, Mobile Crimeware


What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Upcoming Events


Posts by Topic

see all