The creators of widespread malware programs often employ various tools that hinder code detection and analysis, and Android malware is no exception.
As an example of this, droppers, such as Badpack and Hqwar, designed for stealthily delivering Trojan bankers or spyware to smartphones, are very popular among malicious actors who attack mobile devices. That said, we recently discovered a new banker, SoumniBot, which targets Korean users and is notable for an unconventional approach to evading analysis and detection, namely obfuscation of the Android manifest.
Read more…
Source: Kaspersky
Related:
- 240,000 Credit Union Members Exposed
December 20, 2024
A recent data breach at SRP Federal Credit Union, based in South Carolina, has left over 240,000 members vulnerable to potential identity theft and financial fraud. Between Sept. 5 and Nov. 4, 2024, hackers accessed sensitive personal data, including Social Security numbers, driver’s license information, dates of birth and financial account details. The ransomware group Nitrogen ...
- US consumer watchdog sues big banks over ‘widespread’ fraud on Zelle payment app
December 20, 2024
The U.S. Consumer Financial Protection Bureau said on Friday it filed a lawsuit against JPMorgan Chase, Bank of America and Wells Fargo for failing to protect consumers from alleged “widespread fraud” on payments platform Zelle. The lawsuit was initiated as the watchdog moves ahead with an aggressive agenda in the final weeks of Joe Biden’s Democratic ...
- Lazarus group evolves its infection chain with old and new malware
December 19, 2024
Over the past few years, the Lazarus group has been distributing its malicious software by exploiting fake job opportunities targeting employees in various industries, including defense, aerospace, cryptocurrency, and other global sectors. This attack campaign is called the DeathNote campaign and is also referred to as “Operation DreamJob”. Kaspersky researchers have previously published the history of ...
- 5 million payment card details stolen in painful reminder to monitor Christmas spending
December 17, 2024
Another day, another exposed S3 bucket. This time, 5 million US credit cards and personal details were leaked online. The Leakd.com security team discovered that 5 terabytes of sensitive screenshots were exposed in a freely accessible Amazon S3 bucket. An S3 bucket is like a virtual file folder in the cloud where you can store various ...
- Jamaica: Police charge 6 people in connection with cyber attack on account of bank customer
December 7, 2024
The six people arrested last week in connection with a multi-million dollar cyber attack on the account of a customer of the National Commercial Bank, have been charged. This was disclosed by Dane Nicholson, Head of the Anti-Fraud Committee of the Jamaica Banker’s Association, who said the suspects were charged on Thursday and are booked to ...
- TaxOff: um, you’ve got a backdoor…
November 27, 2024
In Q3 2024, the Positive Technologies Expert Security Center (PT ESC) TI Department discovered a series of attacks on Russian government agencies. PT ESC researchers were unable to establish any connection with known groups using the same techniques. The main goal was espionage and gaining a foothold to follow through on further attacks. They dubbed the group ...