Hackers Targeting 59 Banking, Fintech and Crypto Platforms, Stealing Credentials, PINs and More: Report

by

Hackers Targeting 59 Banking, Fintech and Crypto Platforms, Stealing Credentials, PINs and More: Report

Hackers are targeting nearly 60 banks, financial technology companies, and cryptocurrency platforms. They’re spreading their attacks through common apps like WhatsApp and Outlook.

According to BleepingComputer, a malware program called TCLBanker is infecting Windows computers by hiding inside fake Microsoft installation files.

Elastic Security Labs researchers have identified this as a significant advancement in the Maverick and Sorvepotel malware lineage.

TCLBanker is a type of malware that examines compromised devices, looking at settings like timezone, keyboard type, and language preferences. It can spread on its own through apps like WhatsApp and Microsoft Outlook.

After a compromised website is accessed, the malicious software establishes a connection with its central server and starts receiving remote commands.

This malware lets attackers secretly watch the screen, take screenshots, record keystrokes, steal clipboard data, run commands on the device, access files, and even control the mouse and keyboard remotely.

TCLBanker steals your personal information by displaying fake screens over legitimate apps and websites. These deceptive screens trick you into entering your usernames, passwords, PINs, phone numbers, and other sensitive data. They can mimic login prompts, PIN pads, bank support messages, Windows update notifications, or even progress bars, all designed to look real.

According to BleepingComputer, a threat called TCLBanker is focusing on apps used in Brazil. It closely tracks a user’s web browser, checking every second to see if they’re visiting any of the 59 websites it’s designed to monitor.

Read More

2026-05-16 18:21