Currently, users mostly from in Eastern Europe & Russia are being targeted by this botnet.
Recently, researchers from the Czech Technical University, UNCOYO University based in Argentina and Avast Security have found an Android botnet named Geost by collaborating in on the investigations and have presented it at the Virus Bulletin 2019 conference held in London.
It was uncovered initially when its traffic was captured by a HtBot Malware on the server. The malware in question was being used to access millions of Euros in bank accounts based in Eastern Europe & Russia compromising more than 800,000 victims.
See: Android users installed 172 malicious apps 335m times last month
The connection between Geost and HtBot (Image credit: Avast)
The botnet was basically composed of numerous Android phones which were were infected by getting them to download malicious applications that had been uploaded by attackers on third-party Android stores. Using access to text messages on these phones, the malware took advantage of a common practice of Russian banks to send users plaintext passwords via SMS. In cases where this technique did not work, other methods such as the apps asking for login credentials were used.
See: Clones of popular Adblockers caught ad frauding millions of Chrome users
With the help of 13 command and control servers, over 140 domains and over 140 A ..
Support the originator by clicking the read the rest link below.
