New Android trojan targeting over 60 banks and social apps
Published: 2024-10-01 · Archived: 2026-04-05 19:53:38 UTC
Since the beginning of this year, ThreatFabric’s threat hunters have discovered several Google Play malware
campaigns using new modi operandi such as clean dropper apps that effectively evaded all antivirus and Google
Play protection solutions (Bouncer & Protect) for months. Unfortunately this was not the only threat this year.
Android actors such as ExoBot have also been very busy adding Remote Access Trojan capabilities (SOCKS5 and
VNC) to their software in their attempt to evade fraud detection solutions of financial organizations that mainly
rely on IP-based geolocation and device binding vectors.
The shift of malware campaigns from desktop (Windows) to mobile (Android) seems largely related to the fact
that these days most transactions are initiated from mobile devices instead of the desktop. This motivates actors to
invest in developing solutions that target Android and have the same capabilities as the malware variants that have
been evolving on the desktop for years.
Source: https://www.threatfabric.com/blogs/new_android_trojan_targeting_over_60_banks_and_social_apps.html
https://www.threatfabric.com/blogs/new_android_trojan_targeting_over_60_banks_and_social_apps.html
Page 1 of 1