Banking 

13.10.2025 Astaroth Astaroth: Banking Trojan Abusing GitHub for Resilience MALWARE Banking
03.10.2025 Klopatra Klopatra: exposing a new Android banking trojan operation with roots in Turkey MALWARE Banking
26.08.2025 Hook Version 3 Hook Version 3: The Banking Trojan with The Most Advanced Capabilities MALWARE Banking
23.06.2025 GodFather  GodFather Malware Returns Targeting Banking Users MALWARE BANKING
23.06.2025 FjordPhantom Promon discovers new Android banking malware, “FjordPhantom” MALWARE BANKING
05.02.2025 Coyote Banking Trojan Coyote Banking Trojan: A Stealthy Attack via LNK Files MALWARE Banking
10.12.2024 Antidot  AppLite: A New AntiDot Variant Targeting Mobile Employee Devices MALWARE BANKING
06.11.2024 ToxicPanda ToxicPanda: a new banking trojan from Asia hit Europe and LATAM MALWARE BANKING
28.10.2024 Grandoreiro Grandoreiro, the global trojan with grandiose goals MALWARE BANKING
27.10.2024 TrickMo Expanding the Investigation: Deep Dive into Latest TrickMo Samples MALWARE BANKING
14.09.2024 TrickMo A new TrickMo saga: from Banking Trojan to Victim's Data Leak MALWARE Banking
13.09.2024 Ajina.Banker  Ajina attacks Central Asia: Story of an Uzbek Android Pandemic MALWARE Banking
08.07.2024 Mekotio Mekotio Banking Trojan Threatens Financial Systems in Latin America MALWARE Banking
15.06.2024 Grandoreiro Smishing Triad Is Targeting Pakistan To Defraud Banking Customers At Scale MALWARE Banking
20.05.2024 Grandoreiro  Grandoreiro banking trojan unleashed: X-Force observing emerging global campaigns MALWARE Banking
03.04.2024 Mispadu Breaking Boundaries: Mispadu's Infiltration Beyond LATAM MALWARE Banking
14.03.2024 Mispadu According to ESET Research, Mispadu is an ambitious Latin American banking trojan that utilizes McDonald’s malvertising and extends its attack surface to web browsers. MALWARE Banking
12.03.2024 CHAVECLOAK FortiGuard Labs recently uncovered a threat actor employing a malicious PDF file to propagate the banking Trojan CHAVECLOAK.  MALWARE Banking
28.02.2024 Mispadu According to ESET Research, Mispadu is an ambitious Latin American banking trojan that utilizes McDonald’s malvertising and extends its attack surface to web browsers. MALWARE Banking
27.02.2024 Ousaban Ousaban: LATAM Banking Malware Abusing Cloud Services MALWARE Banking
27.02.2024 Mekotio Tweet on recent Mekotio Banker campaign MALWARE Banking
27.02.2024 Astaroth First spotted in the wild in 2017, Astaroth is a highly prevalent, information-stealing Latin American banking trojan. It is written in Delphi and has some innovative... MALWARE Banking
09.02.2024 Coyote Coyote: A multi-stage banking Trojan abusing the Squirrel installer MALWARE Banking
29.12.2023 TinyNuke TinyNuke (aka Nuclear Bot) is a fully-fledged banking trojan including HiddenDesktop/VNC server and a reverse socks4 server. It was for sale on underground marketplaces for $2500 in 2016.  MALWARE Banking
26.12.2023 Carbanak MyCERT states that Carbanak is a remote backdoor designed for espionage, data exfiltration, and to remote control.  MALWARE Banking
11.12.2023 TrickMo’s TrickMo’s Return: Banking Trojan Resurgence With New Features MALWARE Banking
21.11.2023 QakBot QBot is a modular information stealer also known as Qakbot or Pinkslipbot. It has been active for years since 2007. It has historically been known as a banking Trojan, meaning that it steals financial data from infected systems, and a loader using C2 servers for payload targeting and download.  MALWARE Banking
23.09.2023 BBtok 360 Security Center describes BBtok as a banking trojan targeting Mexico.  MALWARE Banking
23.09.2023 BBtok 360 Security Center describes BBtok as a banking trojan targeting Mexico.  MALWARE Banking
06.09.2023 Chaes Chae$ 4: New Chaes Malware Variant Targeting Financial and Logistics Customers MALWARE Banking
01.08.2023 WikiLoader Organizations in Italy are the target of a new phishing campaign that leverages a new strain of malware called WikiLoader with an ultimate aim to install a banking trojan, stealer. MALWARE Banking
25.07.2023 Casbaneiro  According to BitDefender, Metamorfo is a family of banker Trojans that has been active since mid-2018. MALWARE Banking
10.07.2023 TOITOIN  Discover the intricate layers of a new sophisticated and persistent malware campaign targeting businesses in the LATAM region delivering the TOITOIN Trojan. MALWARE Banking
27.06.2023 Anatsa  Anatsa banking Trojan hits UK, US and DACH with new campaign MALWARE Banking
23.03.2023 Mispadu According to ESET Research, Mispadu is an ambitious Latin American banking trojan that utilizes McDonald’s malvertising and extends its attack surface to web browsers. MALWARE Banking
31.01.2024 Grandoreiro Grandoreiro is one of the many Latin American banking trojans such as Javali, Melcoz, Casabeniero, Mekotio, and Vadokrist, .... MALWARE Banking 
11.02.2023 PixPirate That said, on top of this evolution, one of the most crucial elements which have been disrupting the current state-of-art of anti-fraud departments is Instant Payments.  MALWARE Banking Malware
20.01.2023 ERMAC On July 23 a forum post appeared regarding a new Android banking trojan. The attached screenshots show that it is named ERMAC MALWARE Banking Malware
20.01.2023 BlackRock Around May 2020 ThreatFabric analysts have uncovered a new strain of banking malware dubbed BlackRock that looked pretty familiar. MALWARE Banking Malware
09.04.2022 Octo   MALWARE Banking Malware
09.04.2022 SharkBot   MALWARE Banking Malware
13.03.2026 VENON VENON: The First Brazilian Banker RAT in Rust MALWARE BANKING RAT
11.04.2023 Xenomorph  Xenomorph is a Android Banking RAT developed by the Hadoken.Security actor.  MALWARE Banking RAT
12.11.2025 Maverick Maverick: a new banking Trojan abusing WhatsApp in a mass-scale distribution MALWARE Banking Trojan
12.11.2025 Coyote Banking Trojan Coyote Banking Trojan Extends Reach & Targets Users through WhatsApp MALWARE Banking Trojan
08.05.2022 Dridex OxCERT blog describes Dridex as "an evasive, information-stealing malware variant; its goal is to acquire as many credentials as possible and return them via an encrypted tunnel to a Command-and-Control (C&C) server. These C&C servers are numerous and scattered all over the Internet, if the malware cannot reach one server it will try another. MALWARE Banking Trojan
01.03.2022 TeaBot   MALWARE Banking/RAT Malware