The creators of widespread malware programs often employ various tools that hinder code detection and analysis, and Android malware is no exception.
As an example of this, droppers, such as Badpack and Hqwar, designed for stealthily delivering Trojan bankers or spyware to smartphones, are very popular among malicious actors who attack mobile devices. That said, we recently discovered a new banker, SoumniBot, which targets Korean users and is notable for an unconventional approach to evading analysis and detection, namely obfuscation of the Android manifest.
Read more…
Source: Kaspersky
Related:
- Hacker documents show NSA tools for breaching global money transfer system
April 16, 2017
Documents and computer files released by hackers provide a blueprint for how the U.S. National Security Agency likely used weaknesses in commercially available software to gain access to the global system for transferring money between banks, a review of the data showed. On Friday, a group calling itself the Shadow Brokers released documents and files indicating ...
- Dridex Campaigns Hitting Millions of Recipients Using Unpatched Microsoft Zero-Day
April 10, 2017
This weekend saw multiple reports of a new zero-day vulnerability that affected all versions of Microsoft Word. Today, Proofpoint researchers observed the document exploit being used in a large email campaign distributing the Dridex banking Trojan. This campaign was sent to millions of recipients across numerous organizations primarily in Australia. This represents a significant level of ...
- Payday lender Wonga admits to data breach
April 10, 2017
Payday lender Wonga has advised 270,000 customers of a data breach and offered inconsistent advice about the severity of the incident and how to respond. An “incident FAQ” on the company’s site says “We believe there may have been illegal and unauthorised access to the personal data of some of our customers.” The Reg understands 270,000 ...
- Finance firms to spend more on security as concern over cyber crime soars
April 5, 2017
Over 80pc of financial services firms plan to pump cash into cybersecurity this year, almost double that of last year as fears over cyber attacks swell. Corporate adviser Duff & Phelps, which analysed 200 executives in Europe, Hong Kong and the US, said 86pc of financial services firms intend to spend more time and money on cybersecurity this year. That’s a significant increase on last year, ...
- Lazarus APT Spinoff Linked to Banking Hacks
April 3, 2017
The Lazarus Group, a nation-state level of attacker tied to the 2014 attacks on Sony Pictures Entertainment, has splintered off a portion of its operation to concentrate on stealing money to fund itself. The group, widely believed to be North Korean, has been linked to a February 2016 attack against the Bangladesh Central bank that resulted ...
- Banking Malware Source Code Leaked by Author to Gain Credibility Among Hackers
March 29, 2017
The source code for a new Trojan called Nuclear Bot has been leaked online, which may spark a rise in attacks against banking services. As it happens almost every time the source code for a malicious program lands online, it is quite likely to see more unskilled cybercriminals launching malware attacks against users. Nuclear Bot first landed ...