New Banking Trojan Discovered that named Android.BankBot.211.Origin controls the Mobile Devices and steals confidential bank customer information by using accessibility services.
This Banking Trojan forced Victims to grant the access to install into their Mobile and it Distributed through Well known applications such as Adobe Flash Player.
Once successfully installed and launches the Trojan, the banker tries to gain access to the Accessibility Service.
Trojan keep Displays in Windows with a a request that “reappears at every attempt to close it” which make the device doesn’t allow to used it by the Victim.
Accessibility services helps to user to disables the program which not in used by the users such as buttons in dialog boxes.
Also Read Vault 7 Leaks: CIA Owned PoC Malware Development Surveillance Projects
This Trojan forced the user to allow the Malicious Program that independently adding into the administrator access list.
According to Dr.Web, Android.BankBot.211.origin establishes itself as the default message manager and gains access to the screen capture function. All these actions are accompanied by a display of system requests that can be overlooked entirely because the malicious program immediately confirms them.
If users tried to disable the Android.BankBot.211.origin program, soon it returns to Previous system Menu.
Fraudulent windows Android.BankBot.211.origin
Once the infection has successfully completed, it will be connected to the command and control server and wait for the further instructions to steal the information from the Victims.
This Trojan has the Ability to attack any Applications and Malware authors update their access configuration files for the list of targeted programs.
Attacker received the list Once C&C sever connection successfully obtained.
According to Dr.Web After successful infection it can able to Perform the following Actions.
Also Read Vulnerability Bad Taste Affects Linux Machine via Windows MSI Files
Grayscale Investments, a prominent crypto asset manager, has reportedly suffered a data breach affecting 693,635…
A database containing over 1,000 email accounts associated with the National Health Service (NHS) has…
Researchers from Avast have uncovered a vulnerability in the cryptographic schema of the Mallox ransomware,…
A recently discovered vulnerability in Red Hat's NetworkManager, CVE-2024-8260, has raised concerns in the cybersecurity…
Tor Browser 14.0 has been officially launched. It brings significant updates and new features to…
INE Security offers essential advice to protect digital assets and enhance security. As small businesses…