The creators of widespread malware programs often employ various tools that hinder code detection and analysis, and Android malware is no exception.
As an example of this, droppers, such as Badpack and Hqwar, designed for stealthily delivering Trojan bankers or spyware to smartphones, are very popular among malicious actors who attack mobile devices. That said, we recently discovered a new banker, SoumniBot, which targets Korean users and is notable for an unconventional approach to evading analysis and detection, namely obfuscation of the Android manifest.
Read more…
Source: Kaspersky
Related:
- Cybercrooks slurp nearly $1m from Russian bank after pwning router at regional branch
July 20, 2018
Hackers stole almost $1m from a Russian bank earlier this month after breaching its network via an outdated router. PIR Bank was looted by the notorious MoneyTaker hacking group, according to Group-IB, the Moscow-based security firm called in by the bank to handle incident response. Funds were stolen on 3 July through the Russian Central Bank’s Automated ...
- 6-Year-Old Dorkbot Banking Malware Resurfaces as Big Threat
July 12, 2018
Old banking malware called Dorkbot has reemerged in 2018 to become a serious threat. The banking malware called Dorkbot is back. Samples of the 6-year-old malware are now ranked the second biggest banking malware headache in 2018 so far, according to new data from Check Point. “Dorkbot, known malware that dates back to 2012, has entered back the ...
- Ticketmaster breach ‘part of massive card-skimming campaign’
July 12, 2018
The Ticketmaster breach was not a one-off, but part of a massive digital credit card-skimming campaign. Threat intel firm RiskIQ reckons the hacking group Magecart hit Ticketmaster only as part of a massive credit card card hacking campaign affecting more than 800 ecommerce sites. Magecart has evolved tactically from hacking sites directly, to targeting widely used third-party ...
- Mastercard: Biometrics use set to skyrocket
July 6, 2018
Biometric technology is set to become an integral part of all online shopping as the need for greater security increases, a new report has claimed. Research from Mastercard claims that one in four online transactions will need a greater level of authentication and security within the next 12 months. New EU regulations governing online fraud are set to come ...
- Olympic Destroyer Returns to Target Biochemical Labs
June 19, 2018
Olympic Destroyer, the threat actor that caused a crippling sabotage attack on the networks supporting this year’s Winter Games in Pyeongchang, South Korea, has resurfaced with a spy campaign – and with a wider target range. The new campaign began last month and is ongoing, employing spear-phishing documents that share much in common with the weaponized ...
- Banco de Chile Wiper Attack Just a Cover for $10M SWIFT Heist
June 13, 2018
A cyberattack against Chile’s largest financial institution last month, which reportedly destroyed 9,000 workstations and 500 servers, was actually cover for a larger plot to compromise endpoints handling transactions on the SWIFT network. When the dust settled on the attacks, investigators said $10 million was stolen from Banco de Chile and funneled off to an account in Hong ...