The experts Cleafy are identified as a Trojan, the new bank for the Android, named DroidBotwhich cyber criminals cyber turks of the unknown, and to have tried to steal the credentials of the application of the bank, and the kuletave the kriptomonedhave. One of the countries most affected are Italy, France, the United Kingdom, Spain, and Portugal.
The theft of the data of the 77 applications
According to the findings of the Cleafy, DroidBot has been active since June, 2024. Delivered via a platform, MaaS (Malware-as-a-Service), with a cost of $ 3,000 per month. Customers served by a builder for personalization, to malware, servers, command and control (C2), and a panel for the administrator to monitor, attack, and to send commands to and receive data to be stolen.
Trojani it's hidden in a bank, Google, or applications, safety and security, similar to the legitimate. Of course, he also uses the services of the aksesueshmërisë to perform various operations on your Android device. The main features include: access to the TEXT and read access to the certificate issued by the two factors, the recording of the user (the theft of credentials and other data entered by the user), overlap (the display screen of a false entry on the legitimate power), the taking of the images on the screen and the unit VNC on the remote control.
The experts Cleafy identified 776 the device to be infected. The Malware can steal the credentials of the entry of the 77 applications, including BBVA, Binance, Credem, Kraken, Mediolanum, Banca Sella, Unicredit, and the Offices of the Italian.
The advice is always the same: install apps only from Google Play Store, pay attention to the construction and application of Google Play Protect.
Discussion about this post