Recently, an enhanced version of the CriminalMW Android Banking Trojan was discovered, now available for rent at $5,000 per month on Telegram. This update includes new features like a unique overlay technique and targets 10 Brazilian banks using the PIX platform. Four threat actors, including SickoDevZ, have been linked to this malware.
Law enforcement actions have led to the arrest of individuals associated with similar banking Trojans, including SickoDevZ. Despite these arrests, the emergence of a rebranding effort named WebDroid indicates that the CriminalMW Group continues to evolve, suggesting a larger network is still operational.
On February 2, 2024, Cyble Research & Intelligence Labs (CRIL) discovered ‘AsukaStealer’, a Malware-as-a-Service (MaaS) being marketed on a Russian-language cybercrime forum. This malware, in its version 0.9.7, is available for rent at USD 80 per month. Interestingly, AsukaStealer first made its appearance on another prominent Russian forum on January 24, 2024, under a different identity, showcasing its operators’ efforts to widely promote their malicious service.
AsukaStealer, developed in C++, is equipped with a range of functionalities and a user-friendly web-based control panel. It is adept at harvesting a variety of sensitive data including browser information, Discord and Telegram session details, credentials from FileZilla and Steam Desktop Authenticator, as well as data from crypto wallets and extensions. Additionally, it can capture screenshots from desktops. Further investigation suggests that AsukaStealer might be an evolved form of the previously known ObserverStealer malware, indicating its advanced and potentially more dangerous capabilities.
Tangerine, a major telecom operator, recently suffered a significant data breach affecting 232,000 customers. This incident, which took place on February 18, 2024, was only brought to the attention of Tangerine’s management two days later, on February 20. The breach resulted in the unauthorized disclosure of a substantial amount of personal customer data.
The company issued a statement on February 21, 2024, detailing the extent of the data leak. Compromised information included customers’ full names, dates of birth, mobile and email contacts, postal addresses, and Tangerine account numbers. However, Tangerine said that more sensitive data such as credit/debit card details, driver’s license numbers, ID documents, banking information, and passwords were not affected, as the company does not store such data.
Join us on February 29, 2024, at 8:30 PM for an engaging and informative webinar: “Navigating the Cyber Threat Landscape in 2024: Mastering Risk Scoring for Enhanced Security Posture.” This session, led by the esteemed Ankit Sharma, Senior Director and Head of Solutions Engineering Sales, is meticulously designed to equip you with the knowledge and skills necessary to navigate the complexities of cyber threat risk scoring. It’s an invaluable opportunity for those seeking to bolster their cybersecurity defenses with advanced strategies and insights.
Attendees will gain insights into the latest trends and challenges in cyber threat evaluation alongside an exploration of cutting-edge methodologies and tools for risk assessment and scoring. We’ll also provide practical guidance on integrating risk scoring into your security strategy, supplemented by case studies and real-world applications that demonstrate the efficacy of these approaches in preempting and mitigating cyber threats.
This session is tailor-made for IT professionals, cybersecurity experts, risk management consultants, and CISOs keen on leveraging cyber threat risk scoring to enhance their organization’s security posture. Attendees will also enjoy exclusive giveaways, including the latest issue of The Cyber Express, the newest Threat Landscape Report, and a three-month Odin Subscription.