Backswap is a banker, which we first observed around March 2018. It’s a variant of old, well-known malware TinBa (which stands for “tiny banker”). As the name suggests, it’s main characteristic is small size (very often in the 10-50kB range). In the summary, we present reasoning for assuming …

While researching incidents that are reported to us, we encountered a new campaign of attacks against Internet banking, this time utilizing hacked home routers. This is a variant of a method we have first observed more than a year ago. The criminals take over control of a home router and …