A large-scale hacker attack was discovered, the victims of which were about 800 thousand smartphones in Russia. Criminals managed to get access to several million Euros in the Bank accounts of Russians.
It is clarified that Avast specialists determined that the Russian smartphones were attacked by a banking botnet that collects information and personal data. The infection has occurred since 2016.
It turned out that all infected devices were connected to Geost. As a result, attackers were able to remotely control the gadget. Hackers could send and receive SMS messages. The dangerous program was disguised as various banking services and social media applications, so it was easy to download it. The main targets of the Trojan were five banks located in Russia and Android devices.
Geost botnet used 13 command and control servers to launch hundreds of malicious domains. It was possible to expose it because of the mistake made by the scammers. They used a proxy network created by the malware HtBot, in which information was not encrypted. So, experts were able to find personal correspondence of criminals, which mentioned money laundering.
According to Avast employee Anna Shirokova, the company managed to gain access to the correspondence of cybercriminals and malware. "We got a really unprecedented idea of how such groups work," Shirokova shares her success. In total, experts studied eight months of correspondence, which was attended by 29 of the attackers.
The exact amount of theft is not called. Avast also did not specify who exactly was involved in the creation of the botnet.
According to researchers, the Geost botnet could control several billion rubles in the accounts of victims.
< ..Support the originator by clicking the read the rest link below.
