During a recent proactive hunt for malicious mobile malware, Sophos X-Ops researchers from SophosLabs discovered a group of four credential-harvesting apps targeting customers of several Iranian banks. Most of the apps are signed using the same – possibly stolen – certificate, and share various classes and strings. The apps target the following banks:
- Bank Mellat
- Bank Saderat
- Resalat Bank
- Central Bank of Iran
Read more…
Source: Sophos News