Exobot Android Malware Targets Banking Apps

in #exobotbankingmalware6 years ago

The Android customers have been notified approximately every other Exobot banking malware supply code (v. 2.five) that changed into leaked on-line. It become surely first detected in might also 2018 after which it become dubbed as “Trump version.” This leak has result of Android malicious apps that has given the malware supply code which is now to be had inside the dark net hacking forums, consistent with the Tripwire.

https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/exobot-android-banking-trojans-source-code-leaked-online/

Screenshot_1.png

“The Trojan which gets the package name of the foreground app without requiring any additional permission. This is a bit buggy, still, but it works in most cases. The interesting part here is that no Android permissions are required. All other Android banking Trojans families which are using the Accessibility ore use Stats permissions to achieve the same goal and therefore it require user interaction with the victim,”

ThreatFabric security researcher, Cengiz Han Sahin told Bleeping Computer.
https://www.threatfabric.com/

It is of course no secret that the bank websites and the banking apps that are under attacks and that are using the Android Trojans to target the banking apps which his fairly commonplace. With this new Trump Edition, now there are two primary concerns for the security professionals:
First, whenever if any infected Android device which hits the financial website, the overlay attack steals the user information.
Second, the releases of any mobile banking malware that will quickly ripple across the complete device.

https://www.infosecurity-magazine.com/news/android-trojan-targets-200-global/

virus-3075845_1920.jpg

An increase in such attacks that could have a very long term implication which will likely impact more than financial institutions. “The data this malware is targeting will impact not only the banks and their customers but also the ecommerce companies and other industries,” said Ryan Wilk, VP of customer success, NuData Security, a Mastercard Company.

https://nudatasecurity.com/

“Personally identifiable information that is extracted from Exobot infected devices which will quicly find its way to the dark web, where it can easily be used against the account holder’s account, as well as the other online accounts.”

This source code which could easily increase in overlay attacks, according to the Frederik Mennes, the senior manager market and security strategy, security competence center at OneSpan ( https://www.onespan.com/ ). “Malware on the user’s mobile device shows a window on the top of the genuine mobile banking app that look very similar to the genuine app. In this way the malware aims to trick the user into entering his credentials into the overlay windows.”

Image (4).jpg

#malwareattack #androidmalware #androidtrojans #attackonbankingapps
6 years ago in #exobotbankingmalware by
$0.00
    2 votes
    Reply 2
    Sort:  
  • Trending
    • [-]
     5 years ago 

    Congratulations @mr-android! You received a personal award!

    Happy Birthday! - You are on the Steem blockchain for 1 year!

    You can view your badges on your Steem Board and compare to others on the Steem Ranking

    Do not miss the last post from @steemitboard:

    New japanese speaking community Steem Meetup badge
    Vote for @Steemitboard as a witness to get one more award and increased upvotes!
    $0.00
      Reply

      Coin Marketplace

      STEEM 0.20
      TRX 0.13
      JST 0.030
      BTC 64724.35
      ETH 3436.21
      USDT 1.00
      SBD 2.55