Transaction Protection in a Human-Not-Present Age

Imagine it is 10AM and you’re sitting in a meeting at work. You gaze out the window only to see your car drive out of the parking lot, turn left at the end of the road, and disappear around the corner. Your car, having sensed it needs a change of oil and seeing today’s calendar…

“Underground-uate” Studies in Cybercrime

Summer is slowly coming to an end and that means students are preparing for a new set of courses as they head back to school. That is, if they are going to a traditional college or university. The school of cybercrime offers a very different set of courses – and Biology and Algebra aren’t prerequisites…

iBanking Mobile Bot Raising Its Shields

In the cyber-underground, one can never be too careful.  Between researchers and law enforcement, cybercriminals are always wary of being shut-down or worse, caught and prosecuted.  The developers of the iBanking Trojan—a malicious mobile app targeting Android devices— are no exception.  Following in the footsteps of its older PC-based brothers that—looking to stay ahead in the…

iBanking Mobile Bot Source Code Leaked

RSA researchers have recently traced a forum post leaking the iBanking mobile bot control panel source-code. Apart from the server-side source-code, the leaked files also include a builder (a bash[1] script) that can un-pack the existing iBanking APK file and re-pack it with different configurations, essentially providing fraudsters with the means to create their own…

Mo Money Mo Problems

“It’s like the more money we come across, the more problems we see” -Notorious B.I.G.  Ever since the Liberty Reserve takedown in May of last year and the confiscation of all accounts by law enforcement, fraudsters have been busy finding a solid currency to which they can entrust their spoils without the risk of losing…

Behind the Scenes of a Fake Token Mobile App Operation

In the last few years, we have seen the mobile space explode with malware. According to a recent report by Trend Micro, the number of malware and high-risk apps available on the Android platform has crossed the one million mark, growing more than a thousand fold in under 3 years. To the financial industry, the…

Blue Big Data vs. Red Big Data

“The most valuable commodity I know of is information.” – Gordon Gecko Yes, the bad guys are getting there too; to the understanding that Big Data should matter more in their operations and that it will take more human-like, legitimate-looking behavior to trick detection systems into categorizing their activity as “un-risky”. Cybercriminals already acknowledged the…