Security researchers at Lookout have discovered the Anubis Android Banking malware is again wreaking havoc after being found targeting the customers of nearly 400 financial institutions, cryptocurrency wallets and virtual payment platforms.
This new malware campaign is also masquerading as the official account management application from leading French telecommunications company, Orange S.A.
The infamous Anubis is known for collecting significant data about its victim from their mobile device for financial gain. This is done using a number of techniques including intercepting SMSs, keylogging, file exfiltration, screen monitoring, GPS data collection and abuse of the device’s accessibility services.
It is understood that the Lookout team is working with Orange to remediate the issue and protect customers.
For those unaware, Anubis was first found across Russian hacking forums in 2016 and was leveraged as an open-source banking trojan with instructions on implementing its client and components.
Being a critical mobile threat, Lookout has revealed that Anubis has the following abilities:
Recording screen activity and sound from the microphone
Capturing screenshots
Sending mass SMS messages from the device to specified recipients
Retrieving contacts stored on the device
Sending, reading, deleting, and blocking notifications for SMS messages received by the device
Scanning the device for files of interest to exfiltrate
Locking the device screen and displaying a persistent ransom note
Capturing GPS data and pedometer statistics
Implementing a keylogger to steal credentials
Monitoring active apps to mimic and perform overlay attacks
Anubis even has the ability to prevent malicious functionality from interfering with its processes and from removing the malware from the device.
In order for Anubis to achieve this, it is stated that the malware needs to ensure the device owner enables third-party apps.
As of no ..
Support the originator by clicking the read the rest link below.
