Blog
Share This Post
[ad_1]
BleepingComputer reports that nearly 20 threat operations have already leveraged the newly emergent Turkish Android banking malware-as-a-service platform DroidBot — which seeks to compromise credentials from 77 banking and cryptocurrency apps, including BBVA, Santander, Binance, and KuCoin — to create payloads that have already infected 776 devices in France, Germany, Italy, Turkey, and the UK.
Malicious apps spoofing the Google Chrome, Google Play Store, and Android Security apps have been leveraged to lure targets into downloading DroidBot Android banking trojan, which not only enables keystroke logging and fake login page overlaying but also facilitates the interception of incoming text messages, especially those with banking one-time passwords, and remote device viewing and control through a Virtual Network Computing module, according to a report from Cleafy. Further analysis revealed that DroidBot also provided affiliates with a comprehensive malware builder, admin panel, and command-and-control server access, enabling usage even among less sophisticated threat actors.
Get essential knowledge and practical strategies to fortify your applications.
[ad_2]
Source link
Subscribe To Our Newsletter
Get updates and learn from the best
More To Explore
US Charges Five People Over North Korean IT Worker Scheme
[ad_1] The US has announced charges against five individuals involved in a fake IT workers scheme to funnel funds to
In Other News: VPN Supply Chain Attack, PayPal $2M Settlement, RAT Builder Hacks Script Kiddies
[ad_1] Noteworthy stories that might have slipped under the radar: Korean VPN supply chain attack, PayPal settles with New York
