Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 13:08:54 UTC
Home > List all groups > List all tools > List all groups using tool Ajina
 Tool: Ajina
Names Ajina
Category Malware
Type Banking trojan
Description
(Group-IB) In May 2024, Group-IB analysts discovered suspicious activity targeting bank
customers in the Central Asia region. The threat actors have been spreading malicious Android
malware designed to steal users’ personal and banking information, and potentially intercept
2FA messages. During the investigation, Group-IB discovered .APK files masquerading as
legitimate applications that facilitated payments, banking, deliveries, and other daily uses.
These malicious files were spread across Telegram channels.
Information Last change to this tool card: 23 October 2024
Download this tool card in JSON format
All groups using tool Ajina
Changed Name Country Observed
Unknown groups
 _[ Interesting malware not linked to an actor yet ]_
1 group listed (0 APT, 0 other, 1 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=25a15f49-2dd7-4894-b7d9-2e6c3f1456db
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=25a15f49-2dd7-4894-b7d9-2e6c3f1456db
Page 1 of 1