BTC $66157.0605
ETH $3160.9620
BNB $600.0523
SOL $153.7382
XRP $0.5487
stETH $3158.2980
DOGE $0.1576
TON $5.5645
ADA $0.5086
AVAX $38.3049
wstETH $3680.0518
WBTC $66253.4640
DOT $7.3621
WETH $3160.3315
TRX $0.1121
BCH $509.2779
LINK $15.3526
MATIC $0.7263
UNI $8.0690
ICP $14.6066
LTC $84.3899
DAI $0.9987
CAKE $2.9756
RNDR $9.0447
IMX $2.3823
STX $3.0517
NEAR $6.8843
ETC $27.8833
FDUSD $1.0002
MNT $1.1936
FIL $6.4625
TAO $503.6116
OKB $54.7164
HBAR $0.0881
VET $0.0418
KAS $0.1270
ATOM $8.7670
PEPE $0.0000
GRT $0.2943
WIF $2.7575
FET $2.4107
MKR $2818.4937
INJ $27.8130
USDE $0.9992
THETA $2.3518
XLM $0.1162
CORE $2.5749
BTC $66157.0605
ETH $3160.9620
BNB $600.0523
SOL $153.7382
XRP $0.5487
stETH $3158.2980
DOGE $0.1576
TON $5.5645
ADA $0.5086
AVAX $38.3049
wstETH $3680.0518
WBTC $66253.4640
DOT $7.3621
WETH $3160.3315
TRX $0.1121
BCH $509.2779
LINK $15.3526
MATIC $0.7263
UNI $8.0690
ICP $14.6066
LTC $84.3899
DAI $0.9987
CAKE $2.9756
RNDR $9.0447
IMX $2.3823
STX $3.0517
NEAR $6.8843
ETC $27.8833
FDUSD $1.0002
MNT $1.1936
FIL $6.4625
TAO $503.6116
OKB $54.7164
HBAR $0.0881
VET $0.0418
KAS $0.1270
ATOM $8.7670
PEPE $0.0000
GRT $0.2943
WIF $2.7575
FET $2.4107
MKR $2818.4937
INJ $27.8130
USDE $0.9992
THETA $2.3518
XLM $0.1162
CORE $2.5749
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • New banking trojan TgToxic attacks Android users in Southeast Asia

    Cybersecurity researchers at security firm Trend Micro have reported an ongoing malware campaign to spread the TgToxic banking trojan, which has been active since July 2022. The campaign includes attacks on cryptocurrency wallets, illegal money transfers and the theft of credentials from banking and financial apps of Android users in Taiwan, Thailand and Indonesia.

    According to the researchers, the attackers use malware called TgToxic, which is distributed under the guise of legitimate applications and promoted through phishing sites related to cryptocurrency and intimate services.

    In their attacks, the cybercriminals abuse the legitimate Easyclick test environment to write a JavaScript script to automatically hack the user interface of an Android device. This script allows hackers to automate actions such as clicks and gestures.

    The TgToxic malware scans cryptocurrency wallets and banking applications and steals user-entered credentials. The cybercriminals then use these credentials to make small transactions through the official app without requiring user confirmation. In addition, TgToxic can do many other things, including:

    • getting a list of contacts;
    • providing access to the victim's SMS messages;
    • photo using the camera;
    • automatic receipt of all necessary permits;
    • installation of third-party applications;
    • collects all emails of the victim;
    • automatic transfer of the victim's cryptocurrency from the crypto wallet applications installed on the device.

    The experts concluded that the TgToxic malware is not complex, but is rapidly evolving, gaining new features. Combining TgToxic with Easyclick's automation framework makes it even more challenging for cybersecurity experts. It has the potential to grow into sophisticated malware and rapidly expand its operations across multiple geographies.

    Author DeepWeb
    QBot operators now use OneNote to spread Trojan via email
    The heads of the largest IT companies are under investigation for conspiracy with the US government

    Comments 0

    Add comment