In the past two weeks of May, we noticed that the whole world, even banks, is susceptible to cyber-attacks. Bizarro is another family of banking Trojans originating in Brazil that is now found in other regions of the world. In addition, fake Android and iOS apps are being disguised as trading and cryptocurrency apps.

For more articles, check out our #onpatrol4malware blog.

Tracking One Year of Malicious Tor Exit Relay Activities

Source: NuSensu

In August 2020 I reported about “How Malicious Tor Relays are Exploiting Users in 2020 (Part I)”. Back then I made the hypothesis that the entity behind these malicious Tor relays is not going to stop its activities anytime soon. Read more.

Fake Android and iOS apps disguise as trading and cryptocurrency apps

Source: SophosNews

Recently, we were tipped off to a fraudulent mobile trading application that masqueraded as one tied to a well-known Asia-based trading company. Read more.

Bizarro banking Trojan expands its attacks to Europe

Source: SecureList

Bizarro is yet another banking Trojan family originating from Brazil that is now found in other regions of the world. We have seen users being targeted in Spain, Portugal, France, and Italy. Read more.

From pentest to APT attack: cybercriminal group FIN7 disguises its malware as an ethical hacker’s toolkit

Source: Bi.Zone

This is not the first time we have come across a cybercriminal group that pretends to be a legitimate organization and disguises its malware as a security analysis tool. Read more.

Colonial Pipeline Ransomware Attack: Revealing How DarkSide Works

Source: Nozomi

Throughout the last two weeks, the entire cybersecurity community has been riveted by the Colonial Pipeline ransomware attack. It is one of the most notable attacks on the critical infrastructure of the past few years and has, directly and indirectly, impacted multiple industries in the U.S. economy. Read more.