Over 300,000 Android users downloaded banking trojan malware | IT PRO

Over 300,000 Android users downloaded banking trojan malware | IT PRO

The 300,000 dropper installations came from just four types of malware. Anatsa (200,000+ installations); Alien (95,000+ installations) and Hydra/Ermac (15,000+ installations).

The largest, Anatsa, is an advanced Android banking trojan with RAT and semi-ATS capabilities. It carries out classic overlay attacks to steal credentials, accessibility logging (capturing everything shown on the user’s screen), and keylogging.

Researchers discovered the first dropper in June 2021 masquerading as an app for scanning documents. In total, researchers found six Anatsa droppers published in Google Play since June 2021.

A hacking group called Brunhilda dropped malware from established families, like Hydra, as well as novel ones, like Ermac. This posed as a QR code creator app. Both families have been very active in the last months according to researchers and have recently started appearing in the US.

The Alien campaign was also run by the Brunhilda group. This used a fake fitness app to spread.

“This dropper, that we dubbed “Gymdrop”, is another example of how cybercriminals try to convince victims and detection systems that their app is legitimate. The app website is designed to look legitimate at first glance. However, it is only a template for a gym website with no useful information on it, even still containing ‘Lorem Ipsum’ placeholder text in its pages,” said researchers.

Researchers said the attention dedicated by these hackers to evading unwanted attention renders automated malware detection less reliable.

Shining light on new ‘cool’ cloud technologies and their drawbacks

IONOS Cloud Up! Summit, Cloud Technology Session with Russell Barley

Build mobile and web apps faster

Three proven tips to accelerate modern app development

Reduce the carbon footprint of IT operations up to 88%

A carbon reduction opportunity

Comparing serverless and server-based technologies

Determining the total cost of ownership

This content was originally published here.

Laat een reactie achter

Het e-mailadres wordt niet gepubliceerd.