New Banking Malware DoubleTrouble Attacking Users Via Phishing Sites To Steal Banking Credentials

DoubleTrouble represents a concerning evolution in mobile banking malware, combining traditional overlay attacks with cutting-edge capabilities including comprehensive screen recording, advanced keylogging, and real-time device manipulation. DoubleTrouble can capture screen content in real-time, monitor every keystroke, block legitimate banking applications, and present convincing fake interfaces designed to harvest sensitive financial information. A sophisticated new banking trojan dubbed DoubleTrouble has emerged as a significant threat to mobile users across Europe, employing advanced evasion techniques and expanding its attack surface through novel distribution channels. The malware’s ability to record exactly what users see enables attackers to bypass traditional security measures, intercept one-time passwords, and gain access to highly confidential financial data through visual observation rather than direct application compromise. The research team’s analysis revealed the malware’s rapid evolution in both distribution methods and technical capabilities, marking it as one of the most sophisticated banking trojans observed in recent months. The complete payload is transmitted to the command and control server, providing attackers with an unobstructed view of all user activities including banking transactions, cryptocurrency operations, and password manager interactions. The malware initially spread through phishing websites impersonating well-known European banking institutions, but has recently evolved to leverage bogus websites hosting malicious samples directly within Discord channels. DoubleTrouble’s most concerning feature lies in its sophisticated screen recording capability, which leverages Android’s MediaProjection and VirtualDisplay APIs to achieve comprehensive visual surveillance. Security researchers at Zimperium identified this banking trojan during extensive monitoring operations, collecting 25 samples of earlier variants and 9 samples from the current campaign.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 31 Jul 2025 23:20:18 +0000

Cyber News related to New Banking Malware DoubleTrouble Attacking Users Via Phishing Sites To Steal Banking Credentials

10 Best Anti-Phishing Tools in 2025 - What is Good?What Could Be Better?Real-time email threat detection and response using AI and machine learning.Limited customer support optionsAutomates incident response to stop phishing attacks quickly.The training module is not entirely ...
1 week ago Cybersecuritynews.com

New Banking Malware DoubleTrouble Attacking Users Via Phishing Sites To Steal Banking Credentials - DoubleTrouble represents a concerning evolution in mobile banking malware, combining traditional overlay attacks with cutting-edge capabilities including comprehensive screen recording, advanced keylogging, and real-time device manipulation. ...
1 week ago Cybersecuritynews.com

PixPirate: The Brazilian financial malware you can't see, part one - The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan malware that heavily utilizes anti-research techniques. Within IBM Trusteer, we saw several different ...
1 year ago Securityintelligence.com

Spear Phishing vs Phishing: What Are The Main Differences? - Almost half of them used phishing to obtain the passwords of users. Highly targeted phishing campaigns against specific individuals or types of individuals are known as spear phishing. It's important to be able to spot phishing in general. For ...
1 year ago Techrepublic.com

29 malware families target 1,800 banking apps worldwide - Mobile banking is outpacing online banking across all age groups due to its convenience and our desire to have those apps at our fingertips, according to Zimperium. This surge is accompanied by a dramatic growth in financial fraud. The research ...
1 year ago Helpnetsecurity.com

What SOCs Need to Know About Water Dybbuk - According to the Federal Bureau of Investigation, BEC costs victims more money than ransomware, with an estimated US$2.4 billion being lost to BEC in the US in 2021. Recently, BEC scammers have been using stolen accounts from legitimate Simple Mail ...
2 years ago Trendmicro.com

Qbot malware returns in campaign targeting hospitality industry - The QakBot malware is once again being distributed in phishing campaigns after the botnet was disrupted by law enforcement over the summer. In August, a multinational law enforcement operation called Operation Duck Hunt accessed the QakBot admin's ...
1 year ago Bleepingcomputer.com

USPS Delivery Phishing Scam Exploits SaaS Providers to Steal Data - A new USPS Delivery Phishing Scam has surfaced, in which scammers are exploiting Freemium Dynamic DNS and SaaS Providers to steal victims' login credentials and other data. Cybersecurity researchers at Bloster AI have uncovered a new USPS Delivery ...
1 year ago Hackread.com

February 2024's Most Wanted Malware: WordPress Websites Targeted by Fresh FakeUpdates Campaign - Our latest Global Threat Index for February 2024 saw researchers uncover a fresh FakeUpdates campaign compromising WordPress websites. These sites were infected using hacked wp-admin administrator accounts, with the malware adapting its tactics to ...
1 year ago Blog.checkpoint.com

Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 year ago Cybersecurity-insiders.com