The development comes as Android users in Vietnam have been victimized by a new strain of banking cum stealer malware known as HelloTeacher that uses legitimate messaging apps like Viber or Kik as a cover to siphon sensitive data and carry out unauthorized fund transfers by abusing the accessibility services API.Īlso discovered by Cyble is a cloud mining scam that "prompts users to download a malicious application to start mining," only to take advantage of its permissions to the accessibility services to gather sensitive information from cryptocurrency wallets and banking apps. "These are very specific commands that are not typically seen in Android malware," Štefanko pointed out. What makes the new version of GravityRAT stand out is its ability to steal WhatsApp backup files and receive instructions from the command-and-control (C2) server to delete call logs, contact lists, and files with particular extensions.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |