follow us on twitter . like us on facebook . follow us on instagram . subscribe to our youtube channel . announcements on telegram channel . ask urgent question ONLY . Subscribe to our reddit . Altcoins Talks Shop Shop


This is an Ad. Advertised sites are not endorsement by our Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise Here Ads bidding Bidding Open

« previous next »
Pages: [1]   Go Down

Author Topic: ‘Weapon of Mass Infection’ Malware Targeting Cryptocurrency and Banking Apps  (Read 960 times)

Offline Pegasus

  • Legendary
  • *
  • Activity: 1502
  • points:
    9826
  • Karma: 28
  • Trade Count: (0)
  • Referrals: 0
    • Last Active: May 23, 2023, 06:19:09 PM
    • View Profile

    • Total Badges: 21
    Badges: (View All)
    Fifth year Anniversary Fourth year Anniversary 10 Posts
‘Weapon of Mass Infection’ Malware Targeting Cryptocurrency and Banking Apps
« on: March 31, 2019, 04:35:29 AM »

If the internet was a person, it would likely be riddled with disease. Malware is always an ever-present threat, found on internet sites, in emails, and even in apps. A new Trojan has been making the rounds, and it is highly effective, targeting more than 130 apps associated with banks, cryptocurrency exchanges, and instant messaging platforms.

Malware Labeled ‘Weapon of Mass Infection’

The malware in question is dubbed Gustuff, and Russian cybersecurity firm Group-1B says it has been operating for a year. Gustuff is being spread by hackers on Android devices in order to gain access to users’ Android Accessibility feature.


Android Accessibility was created for people with disabilities so that certain UI interactions would become automated. Gustuff uses this access to give itself admin rights to target over a hundred apps associated with banks and cryptocurrency exchanges.

Group-1B says Gustuff is more sophisticated than similar Trojans as it implements an ATS system, which means it can make banking transactions directly from the user’s infected device. Instead of stealing account data and sending it to the hacker, Gustuff will actually open apps, fill in the required data, and make financial transactions on its own.

Over 130 Apps Targeted

The number of apps being targeted by Gustuff is staggering. 32 cryptocurrency apps have been identified so far, such as Coinbase, BitPay, and Bitcoin Wallet. The malware is also targeting 100 banking apps, such as those from Capital One, TD Bank, JP Morgan, and PNC Bank.


The reach of Gustuff continues to popular messaging apps as well. Walmart, eBay, WhatsApp, Western Union, Skype, and Get Taxi are just some of the Android apps in the malware’s crosshairs.

Group-1B notes:

Using the Accessibility Service mechanism means that the Trojan is able to bypass security measures used by banks to protect against older generation of mobile Trojans and changes to Google’s security policy introduced in new versions of the Android OS.

Moreover, Gustuff knows how to turn off Google Protect; according to the Trojan’s developer, this feature works in 70 percent of cases.

The good news is that while Gustuff is powerful, it’s not very prevalent yet. It appears to be unable to bypass Google’s security scans, so it has not shown up in the Google Play Store.

Source
Logged

Altcoins Talks - Cryptocurrency Forum

‘Weapon of Mass Infection’ Malware Targeting Cryptocurrency and Banking Apps
« on: March 31, 2019, 04:35:29 AM »

This is an Ad. Advertised sites are not endorsement by our Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise Here Ads bidding Bidding Open

Pages: [1]   Go Up
« previous next »
 

ETH & ERC20 Tokens Donations: 0x2143F7146F0AadC0F9d85ea98F23273Da0e002Ab
BNB & BEP20 Tokens Donations: 0xcbDAB774B5659cB905d4db5487F9e2057b96147F
BTC Donations: bc1qjf99wr3dz9jn9fr43q28x0r50zeyxewcq8swng
BTC Tips for Moderators: 1Pz1S3d4Aiq7QE4m3MmuoUPEvKaAYbZRoG
Powered by SMFPacks Social Login Mod