Dockerized Redis performance on CentOS 7.5


    ThreatMark AFS (Anti Fraud Suite) is a system that delivers real-time insights on the user behavior and risk associated with every user action within digital banking or similar applications. Similarly to other enterprise systems, AFS uses several open source components. The usage of such components naturally brings challenges around its deployment, maintenance, and performance. Redis is one of these components. AFS relies on Redis as a cache and storage for session data, making it a critical piece of our infrastructure. Previously Redis was deployed, along with database, on bare OS (virtualized or bare-metal). In an effort to converge to a cloud native infrastructure, we have decided that Redis is a good candidate for dockerization. The initial step is borderline trivial R ...


Another Malware from Spy.Banker Family Attacks Czech Banks


Czech banks are under attack again. To be more specific, their clients are. Using the already proven strategy, a trojan horse called Android/Spy.Banker.AKJ delivers malicious payload using a trojanized application called Blockers Call 2019. The goal of this malware is to trick the user and perform a fraudulent transaction on their behalf.   Ten-thousand Users Endangered As said above, this attack aims specifically at customers of several Czech banks, which have installed an application called Blockers Call 2019 (com.callblocker.adroid) from Google Play. Application, which was an initially a useful tool for blocking unwanted phone calls, has been trojanized. It is simillar the technique we have witnessed in the QRecorder case a few months ago. After uploading, Spy.Banker.AKJ (sometimes ...


Attack Vector of Android/Spy.Banker.AIX. Country Specific Malware Aimed at Banking Application

Attack Vector of Android/Spy.Banker.AIX. Country Specific Malware Aimed at Banking Application Any application that you have installed on your mobile phone can be a ticking bomb if unprotected. You would not expect a well-known application like QRecorder with its 10,000 installs that it will seize your credentials, steal authorization SMS, and transfer your money to an unknown account. Up until today, almost €78,000 have been stolen.   Setting the Scene The popular QRecorder application has been available in the Google Play repository for a long time. After the latest update, the application has been trojanized. A trojan horse called Android/Spy.Banker.AIX allows an attacker to perform fraudulent transactions on behalf of the client. Following many other affairs with compromised appli ...


Banking Trojans are on the rise 


Over the last 2 months a massive growth of banking trojans was identified and reported by multiple security research resources. Banking trojans, such as Zeus, Ramnit and Trickbot, are among the top ten most popular banking malware families that are used to steal money from users’ accounts lately. Once installed on a victim’s computer, they are able to recognize when a victim is logging in into her/his account and collect sensitive information – credentials or even PIN numbers. All of these banking trojans utilize the same set of methods – keystroke logging, form grabbing and webinjects.   One of the reasons why these Trojans has rapidly spreaded over the world is that fraudsters are very fast in inventing new features, re-writing existing Trojans and utilizing stealth techniques ...


ThreatMark announces partnership with BSC


ThreatMark has reached an important agreement with leading multichannel solution provider – BSC. ThreatMark will provide BSC its fraud detection platform that helps broaden portfolio of the BSC products for their banking customers. The new integrated platform will make BSC customers stay ahead of financial fraud and compliant with the new regulations such as PSD2.   “This is not only business partnership it is technical integration of the two modern products into one powerful multichannel platform. This is quite logical step as customers want all-in-one digital banking solution that is both modern, secure and regulation ready. This agreement will allow us not only to accelerate our business activities in CEE region, but also, and more importantly, to boost business activities on ...