Uncovering an Iranian mobile malware campaign

During a recent proactive hunt for malicious mobile malware, Sophos X-Ops researchers from SophosLabs discovered a group of four credential-harvesting apps targeting customers of several Iranian banks. Most of the apps are signed using the same – possibly stolen – certificate, and share various classes and strings. The apps target the following banks:

  • Bank Mellat
  • Bank Saderat
  • Resalat Bank
  • Central Bank of Iran

Read more…
Source: Sophos News