* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Saturday, July 26, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    Top 5 entertainment news: Sandeep Reddy Vanga regrets trimming Animal’s runtime by 7-8 minutes, Akshay Ku – Times of India

    Top 5 Entertainment Highlights: Sandeep Reddy Vanga Reveals Why He Trimmed Animal’s Runtime by 7-8 Minutes, Plus Akshay Ku Updates

    Cote de Pablo reveals how Michael Weatherly used his soap opera roots to put her at ease in “NCIS” love scene – yahoo.com

    Cote de Pablo Reveals How Michael Weatherly’s Soap Opera Background Made Their “NCIS” Love Scene Easier

    City of Pelham announces entertainment district plans for former Oak Mountain Amphitheatre site – WVTM

    Pelham Unveils Exciting New Entertainment District Plans for Former Oak Mountain Amphitheatre Site

    Black Box Players presents ‘The Three Musketeers’ – CBS 19 News

    Experience the Adventure: Black Box Players Bring ‘The Three Musketeers’ to Life!

    AP Entertainment SummaryBrief at 1:51 p.m. EDT – Channel 3000

    Entertainment Highlights: Key Updates You Can’t Miss

    ‘Devil Wears Prada 2’ casts Anne Hathaway’s love interest replacing Adrian Grenier’s Nate – Entertainment Weekly

    Devil Wears Prada 2′ Casts New Love Interest for Anne Hathaway, Replacing Adrian Grenier’s Nate

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology

    Eagle Unveils Revolutionary X-Ray Technology at Pack Expo

    Validea’s Top Information Technology Stocks Based On Peter Lynch – 7/25/2025 – Nasdaq

    Validea’s Top Information Technology Stocks Based On Peter Lynch – 7/25/2025 – Nasdaq

    WhoFi: New surveillance technology can track people by how they disrupt Wi-Fi signals – Tech Xplore

    WhoFi: New surveillance technology can track people by how they disrupt Wi-Fi signals – Tech Xplore

    Google Cloud Announced as a Key Technology Partner for Odoo Connect 2025 in San Francisco – GlobeNewswire

    Google Cloud Announced as a Key Technology Partner for Odoo Connect 2025 in San Francisco – GlobeNewswire

    Behind the Screens: The Impact of Technology on Real Estate – TRREB

    Behind the Screens: How Technology is Transforming the Future of Real Estate

    Sustainserv and Palau Announce Technology Partnership to Leverage Innovative AI Platform to Advance Sustainability Reporting – Business Wire

    Sustainserv and Palau Team Up to Transform Sustainability Reporting with Breakthrough AI Technology

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    Top 5 entertainment news: Sandeep Reddy Vanga regrets trimming Animal’s runtime by 7-8 minutes, Akshay Ku – Times of India

    Top 5 Entertainment Highlights: Sandeep Reddy Vanga Reveals Why He Trimmed Animal’s Runtime by 7-8 Minutes, Plus Akshay Ku Updates

    Cote de Pablo reveals how Michael Weatherly used his soap opera roots to put her at ease in “NCIS” love scene – yahoo.com

    Cote de Pablo Reveals How Michael Weatherly’s Soap Opera Background Made Their “NCIS” Love Scene Easier

    City of Pelham announces entertainment district plans for former Oak Mountain Amphitheatre site – WVTM

    Pelham Unveils Exciting New Entertainment District Plans for Former Oak Mountain Amphitheatre Site

    Black Box Players presents ‘The Three Musketeers’ – CBS 19 News

    Experience the Adventure: Black Box Players Bring ‘The Three Musketeers’ to Life!

    AP Entertainment SummaryBrief at 1:51 p.m. EDT – Channel 3000

    Entertainment Highlights: Key Updates You Can’t Miss

    ‘Devil Wears Prada 2’ casts Anne Hathaway’s love interest replacing Adrian Grenier’s Nate – Entertainment Weekly

    Devil Wears Prada 2′ Casts New Love Interest for Anne Hathaway, Replacing Adrian Grenier’s Nate

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology

    Eagle Unveils Revolutionary X-Ray Technology at Pack Expo

    Validea’s Top Information Technology Stocks Based On Peter Lynch – 7/25/2025 – Nasdaq

    Validea’s Top Information Technology Stocks Based On Peter Lynch – 7/25/2025 – Nasdaq

    WhoFi: New surveillance technology can track people by how they disrupt Wi-Fi signals – Tech Xplore

    WhoFi: New surveillance technology can track people by how they disrupt Wi-Fi signals – Tech Xplore

    Google Cloud Announced as a Key Technology Partner for Odoo Connect 2025 in San Francisco – GlobeNewswire

    Google Cloud Announced as a Key Technology Partner for Odoo Connect 2025 in San Francisco – GlobeNewswire

    Behind the Screens: The Impact of Technology on Real Estate – TRREB

    Behind the Screens: How Technology is Transforming the Future of Real Estate

    Sustainserv and Palau Announce Technology Partnership to Leverage Innovative AI Platform to Advance Sustainability Reporting – Business Wire

    Sustainserv and Palau Team Up to Transform Sustainability Reporting with Breakthrough AI Technology

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

Something nasty injected login-stealing JavaScript into 50K online banking sessions

December 31, 2023
in Technology
Something nasty injected login-stealing JavaScript into 50K online banking sessions
Share on FacebookShare on Twitter

IBM Security has dissected some JavaScript code that was injected into people’s online banking pages to steal their login credentials, saying 50,000 user sessions with more than 40 banks worldwide were compromised by the malicious software in 2023.

Judging by the evidence to hand, it appears the Windows malware DanaBot, or something related or connected to it, infects victims’ PCs – typically from spam emails and other means – and then waits for the user to visit their bank website. At that point, the malware kicks in and injects JavaScript into the login page. This injected code executes on the page in the browser, and intercepts the victim’s credentials as they are entered, which can be passed to fraudsters to exploit to drain accounts.

The code has been spotted attacking customers of dozens of financial orgs in North America, South America, Europe, and Japan, IBM’s Tal Langus reported this week.

The miscreants behind this caper bought the domain names used by the JavaScript code in December 2022, and started their web injection campaign shortly after. We’re told the credential stealing continues to this day. The JS targets a webpage structure that multiple banks use for their sites, and it sounds as though it can harvest multi-factor authentication tokens, too, from marks.

When the requested banking page “contains a certain keyword and a login button with a specific ID present, new malicious content is injected,” Langus explained. “Credential theft is executed by adding event listeners to this button, with an option to steal a one-time password (OTP) token with it.”

The script is fairly smart: it communicates with a remote command-and-control (C2) server, and removes itself from the DOM tree – deletes itself from the login page, basically – once it’s done its thing, which makes it tricky to detect and analyze.

The malware can perform a series of nefarious actions, and these are based on an “mlink” flag the C2 sends. In total, there are nine different actions that the malware can perform depending on the “mlink” value, we’re told. 

These include injecting a prompt for the user’s phone number or two-factor authentication token, which the miscreants can use with the intercepted username and password to access the victim’s bank account and steal their cash.

Hundreds of thousands of dollars in crypto stolen after Ledger code poisoned

Money-grubbing crooks abuse OAuth – and baffling absence of MFA – to do financial crimes

Philippines, South Korea, Interpol cuff 3,500 suspected cyber scammers, seize $300M

Millions of Xfinity customers’ info, hashed passwords feared stolen in cyberattack

The script can also inject an error message on the login page that says the banking services are unavailable for 12 hours. “This tactic aims to discourage the victim from attempting to access their account, providing the threat actor with an opportunity to perform uninterrupted actions,” Langus said.

Other actions include injecting a page loading overlay as well as scrubbing any injected content from the page. 

“This sophisticated threat showcases advanced capabilities, particularly in executing man-in-the-browser attacks with its dynamic communication, web injection methods and the ability to adapt based on server instructions and current page state,” Langus warned. “The malware represents a significant danger to the security of financial institutions and their customers.”

He also urged banking customers to “practice vigilance” with their banking apps. This includes using (and not re-using) strong passwords, not downloading software from unknown sources, and reporting any odd behavior to the banks. See the above-linked write-up for more technical info and some indicators of compromise, if you want to look out for this particular software nasty. ®

PS: AT&T Alien Labs this week drilled into information-stealing malware dubbed JaskaGO, which is written in Go and said to pose “a severe threat to both Windows and macOS operating systems.” The code uses multiple techniques to persist on an infected computer, and can siphon data including login credentials stored by browsers and attack cryptocurrency wallets. The telco also shared indicators of compromise if you want to seek and destroy that malware.

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : The Register – https://go.theregister.com/feed/www.theregister.com/2023/12/20/credentialstealing_malware_infects_50k_banking/

Tags: Nastysomethingtechnology
Previous Post

Batman Returns Writer Talks Plans for Scrapped Catwoman Spinoff

Next Post

Here’s who thinks AI chatbots will eventually be smart enough to be your coworker

By cutting science, the Defense Department is eating its seed corn – Defense News

Slashing Science Funding: How the Defense Department Is Undermining Its Future Innovation

July 26, 2025
Opinion | Lifestyle Interventions Should Not be Replaced by GLP-1s – MedPage Today

Why Lifestyle Changes Must Stay the Cornerstone-Not GLP-1s

July 26, 2025
World’s most premature baby celebrates first birthday – The Guardian

World’s most premature baby celebrates first birthday – The Guardian

July 26, 2025
Idaho’s first geological engineering degree to power workforce, economy – Bonner County Daily Bee

Idaho Launches Its First Geological Engineering Degree to Boost Workforce and Drive Economic Growth

July 26, 2025
Top 5 entertainment news: Sandeep Reddy Vanga regrets trimming Animal’s runtime by 7-8 minutes, Akshay Ku – Times of India

Top 5 Entertainment Highlights: Sandeep Reddy Vanga Reveals Why He Trimmed Animal’s Runtime by 7-8 Minutes, Plus Akshay Ku Updates

July 26, 2025

How do the microplastics in our bodies affect our health? – BBC

July 26, 2025
Democratic candidates are posting weightlifting videos in search of a midterm lift – CNN

Democratic Candidates Pump Up Midterm Momentum with Weightlifting Videos

July 26, 2025

Eagle Unveils Revolutionary X-Ray Technology at Pack Expo

July 26, 2025
Canadiens Hard At Work On A Scorching July Day – Yahoo Sports

Canadiens Hard At Work On A Scorching July Day – Yahoo Sports

July 26, 2025
Foraging activity by an ecosystem engineer, the superb lyrebird, ‘farms’ its invertebrate prey – besjournals

How the Superb Lyrebird Cleverly ‘Farms’ Its Invertebrate Prey While Foraging

July 26, 2025

Categories

Archives

July 2025
MTWTFSS
 123456
78910111213
14151617181920
21222324252627
28293031 
« Jun    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (739)
  • Economy (764)
  • Entertainment (21,645)
  • General (16,120)
  • Health (9,802)
  • Lifestyle (772)
  • News (22,149)
  • People (765)
  • Politics (773)
  • Science (15,979)
  • Sports (21,261)
  • Technology (15,746)
  • World (747)

Recent News

By cutting science, the Defense Department is eating its seed corn – Defense News

Slashing Science Funding: How the Defense Department Is Undermining Its Future Innovation

July 26, 2025
Opinion | Lifestyle Interventions Should Not be Replaced by GLP-1s – MedPage Today

Why Lifestyle Changes Must Stay the Cornerstone-Not GLP-1s

July 26, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version