Verticals Targeted: Financial
Regions Targeted: US, Canada
Related Families: None
Anatsa Android Banking Trojan Targets US Banks
Jul 18, 2025 2:08:41 PM / by The Hivemind posted in Threat Bulletin, Banker, Banking Trojan, Anatsa, Android Malware, overlay attacks, Google Play Store, credential theft, North America, financial fraud, device takeover, mobile banking
Coyote Banking Trojan
Feb 7, 2025 1:04:08 PM / by The Hivemind posted in Threat Bulletin, Windows, Banker, Banking Trojan, Evolving Threat, Coyote
Verticals Targeted: Financial
Executive Summary
Coyote, which was first observed in early 2024, is a banking trojan that has targeted over 1030 sites and 73 financial institutions.
ToxicPanda Android Banking Trojan
Nov 12, 2024 12:41:07 PM / by The Hivemind posted in Threat Bulletin, Android, Mobile, Banker, Banking Trojan, ToxicPanda, TgToxic
Related Families: TgToxic
Verticals Targeted: Financial
Executive Summary
ToxicPanda is an Android banking trojan that was first seen in the wild in October 2024. It allows threat actors to steal a victim’s money via account takeover (ATO) using On-Device Fraud (ODF).
Ajina Android Malware
Sep 23, 2024 2:03:45 PM / by The Hivemind posted in Threat Bulletin, Android, Banker, Ajina
Verticals Targeted: Financial
Executive Summary
Ajina is an Android banking malware that masquerades as legitimate Android apps in order to steal banking information and intercept 2FA.
Brokewell Android Banking Trojan
May 6, 2024 2:48:46 PM / by The Hivemind posted in Threat Bulletin, Financial, Android, Trojan, Banker, Banking Trojan, Baron Samedit, Brokewell
Verticals Targeted: Financial
Executive Summary
Brokewell is a newly discovered Android banking trojan with Device Takeover capabilities. Despite being a newcomer to the threat landscape, Brokewell poses a significant threat to the banking industry.
Vultur Android Malware
Apr 5, 2024 1:49:09 PM / by The Hivemind posted in Threat Bulletin, Android, Brunhilda, Vultur, Mobile, Banker
Related Families: Brunhilda
Verticals Targeted: Financial
New BBTok Variant
Oct 2, 2023 2:44:45 PM / by The Hivemind posted in Threat Bulletin, Financial, Banker, Banking Trojan, BBTok, Latin America
Verticals Targeted: Financial
Executive Summary
BBTok, written in Delphi, is a banking trojan that has been active since at least 2020. A new variant was recently observed targeting financial entities in Latin America.
Nexus Android Banking Trojan
Apr 4, 2023 3:28:28 PM / by The Hivemind posted in Threat Bulletin, Banking, Android, Trojan, Botnet, Mobile, POISON, Nexus, Banker, SOVA
Related Families: SOVA
Verticals Targeted: Financial, Cryptocurrency