SoumniBot: the new Android banker’s unique techniques


The creators of widespread malware programs often employ various tools that hinder code detection and analysis, and Android malware is no exception.

As an example of this, droppers, such as Badpack and Hqwar, designed for stealthily delivering Trojan bankers or spyware to smartphones, are very popular among malicious actors who attack mobile devices. That said, we recently discovered a new banker, SoumniBot, which targets Korean users and is notable for an unconventional approach to evading analysis and detection, namely obfuscation of the Android manifest.

Read more…
Source: Kaspersky


Sign up for our Newsletter


Related:

  • Prudential reveals it was hit by data breach

    February 14, 2024

    Hackers were able to break into one of the largest life insurance companies in the United States and stole sensitive employee and contractor data. Prudential Financial has filed an 8-K form with the U.S. Securities and Exchange Commission (SEC) detailing the attack, according to a report. As per the filing, unnamed threat actors accessed the networks ...

  • State of Emergency: How Minnesota hospitals, state officials prepare for cyber attacks

    February 13, 2024

    The State of Minnesota stores and protects data on some six million residents, and that’s only one cache of sensitive information under the close watch of Minnesota IT Services (MNIT). “It’s everything from highways and highway traffic control systems, we run the zoo. We run everything in between,” John Israel, chief information security officer at MNIT, ...

  • Bank Of America Warns Customers Of Data Breach Following 2023 Hack

    February 13, 2024

    A November 2023 breach at IT consulting and service provider Infosys McCamish Systems has now been confirmed to have led to a data breach impacting Bank of America customers. The number of Bank of America customers impacted by the breach, including personally identifiable information such as social security numbers, account numbers, date of birth and addresses, ...

  • Coyote: A multi-stage banking Trojan abusing the Squirrel installer

    February 8, 2024

    The developers of banking Trojan malware are constantly looking for inventive ways to distribute theirs implants and infect victims. In a recent investigation, Kaspersky researchers encountered a new malware that specifically targets users of more than 60 banking institutions, mainly from Brazil. What caught their attention was the sophisticated infection chain that makes use of various ...

  • Oman sees surge in cyber crimes

    February 5, 2024

    The Public Prosecution in Oman has revealed that there were 140 cases of cybercrime in 2023, compared to 126 in 2022 while cases related to online content increased to 2,686 in 2023 from 2,519 in 2022. These cases included misusing financial cards, attempting, assisting, or agreeing to commit information technology fraud. Cases involving a violation of ...

  • The dangers of unused bank accounts and how to close them

    January 26, 2024

    If you’re like most people, you’ve likely got at least a few unused bank accounts floating around. However, there may be financial and security dangers associated with keeping these unused bank accounts active. Security risks of unused bank accounts Fraud exposure: Unused bank accounts can become targets for fraud. Closing these accounts minimizes the risk. Avoidance of fees: ...