Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Brazilian mobile users hit with banking malware
#1
Brazilian mobile users hit with banking malware


Quote:According to virus specialists Doctor Web, cybercriminals were distributing the Android.BankBot.495.origin trojan on Google Play under the guise of applications that supposedly allowed WhatsApp monitoring of Android-based devices.
When launched, the malware would attempt to gain access to Android accessibility features, which would in turn allow continue operating in the background, tap buttons and steal contents of active application windows.
The security analysts looked into the malware behavior in some of Brazil's largest banks. In one example cited in the report, when interacting with Bradesco, the country's second-largest private bank, the trojan would read the victim's account information and automatically attempt logging in by entering the PIN code received from the command and control server.
The trojan Android.BankBot.495.origin would then get access to users' account balances along with other private banking data, then transfer it to cybercriminals.
Contacted by ZDNet, Bradesco said the transactional environment of the bank is safe and that operations can only be carried out through a mobile token.
As well as banks, the analysts point out that the Android-based malware is also used to perform phishing attacks in other applications, including Uber, Netflix and Twitter.
Once launched, the trojan displays an overlay window with a fraudulent web page simulating the attacked app, loaded from the second command and control server. This then leads users to enter then confidential data.
https://www.zdnet.com/article/brazilian-...g-malware/
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Coyote: A multi-stage banking Trojan abusing the Squirrel installer mrtrout 0 703 02-13-2024 , 03:37 AM
Last Post: mrtrout
  Android malware BrazKing returns as a stealthier banking trojan mrtrout 0 560 11-19-2021 , 10:08 AM
Last Post: mrtrout
  Strange new malware prevents users from visiting piracy websites dhruv2193 0 660 07-16-2021 , 11:10 AM
Last Post: dhruv2193
  New Variant of IcedID Banking Trojan Spreading Wildely mrtrout 0 994 06-29-2021 , 11:24 PM
Last Post: mrtrout
  Bizarro Banking Trojan Sports Sophisticated Backdoor Bjyda 0 735 05-23-2021 , 09:22 PM
Last Post: Bjyda

Forum Jump:


Users browsing this thread: 1 Guest(s)