Security News > 2020 > February > Phishing Campaign Targets 250 Android Apps with Anubis Malware
A new phishing campaign is attempting to deliver sophisticated malware that can completely hijack an Android mobile device to steal user credentials, install a keylogger and even hold a device's data for ransom.
Researchers at Cofense, who discovered the campaign, said the malware targets more than 250 Android apps with tailored login overlay screens used to capture credentials inputted into the apps.
The campaign mainly scans phones for banking and financial apps, but also checks for popular marketplace apps such as eBay or Amazon so it can steal relevant user financial data.
In November code from Anubis turned up in a new custom mobile banking malware for Android, dubbed Gnip.
To avoid being a victim of this latest phishing attack, Cofense recommends that users limit their installation of apps on corporate devices, using only apps created by trusted developers that they download from official marketplaces, he added.
News URL
https://threatpost.com/phishing-campaign-targets-250-android-apps-with-anubis-malware/152666/
Related news
- TrickMo malware steals Android PINs using fake lock screen (source)
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- Bumblebee and Latrodectus Malware Return with Sophisticated Phishing Strategies (source)
- Russia targets Ukrainian conscripts with Windows, Android malware (source)
- Android malware "FakeCall" now reroutes bank calls to attackers (source)
- New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls (source)
- New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Cyber crooks push Android malware via letter (source)