According to Zimperium, a mobile security firm, 19 older Trojan variants were upgraded in 2023, and with the brand new 10 variants, this brings the total number of Trojans that are targeting banking apps on Android devices to 29. With all of that having been said and now out of the way, it is important to note that they are all using automated transfer systems to intercept MFA tokens, and they are also responsible for transferring funds out of accounts.
Malicious actors can also obtain these Trojans through malware as a service deals, with subscriptions to these variants costing anywhere from $3,000 to $7,000 per month. They also include screen sharing features that can be used in tandem with social engineering to allow malicious actors to pose as customer service personnel. Such features are risky because of the fact that this is the sort of thing that could potentially end up leading unwary users to downloading the Trojans onto their own systems without realizing the dangers involved.
Nexus is one of the ten Trojans making their way into the financial industry, with 498 variants, live screen sharing capabilities and a footprint across 9 countries and 39 apps. Godfather is a much more widespread Trojan with 1,171 variants that we know of so far. They have all managed to spread to a whopping 57 countries, and 237 banking apps have been impacted by them so far.
Some Trojans have a smaller footprint, such as BrasDex which only targets eight banking apps solely in the nation of Brazil. Others have an international footprint such as Vultur, which only has 9 variants but has spread to 15 countries and targeted somewhere in the region of 122 banking apps.
Read next: US Security Agency Urges Tech Makers To Stop Manufacturing Products With Default Passwords
by Zia Muhammad via Digital Information World
No comments:
Post a Comment