Monday, April 27, 2015

Android-Bunker attack and after the arrest of their distributors – Ferra

The specialists of “Doctor Web” found new versions of Android-Trojan family Android.BankBot, attacking the banks’ customers many countries. Some modifications of these Trojans, also known under the name Svpeng, are dangerous because they kidnapped money from the bank accounts of users of mobile Android-devices and are able to shut down a number of antivirus programs.

The Trojans family Android.BankBot familiar Specialist security for several years. However, they received wide popularity only in the beginning of April 2015, when the Russian Interior Ministry reported the arrest cybercriminals use multiple versions of these malicious applications in implementing attacks on customers of a number of Russian and foreign credit institutions. Despite the fact that the activities of these intruders was foiled, dissemination Trojans other virus writers continued, as evidenced by the appearance of another modification of Bunker.

For example, recently virus analysts of “Doctor Web” found several similar Trojan, among which – Android.BankBot.43 and Android.BankBot.45. They are distributed under the guise of legitimate software, such as games, media players, or upgrade your operating system, and through the use of various methods cybercriminals social engineering hastily installed on Android-smartphones and tablets by the same users.

The main purpose of the Trojan family of Android. BankBot – theft of confidential banking information of users and the theft of their funds. For this attack malicious applications installed on users’ mobile devices programs such as “Client-Bank” a number of credit institutions, as well as program Play Store. However, this is – is not the only danger from Trojan family Android.BankBot. So, many of them are able to interfere with the operation of several popular antivirus applications at a time when those attempts are made to remove Bunker from infected mobile devices.


No comments:

Post a Comment