Security News > 2020 > November > Watch Out! New Android Banking Trojan Steals From 112 Financial Apps
Four months after security researchers uncovered a "Tetrade" of four Brazilian banking Trojans targeting financial institutions in Brazil, Latin America, and Europe, new findings show that the criminals behind the operation have expanded their tactics to infect mobile devices with spyware.
According to Kaspersky's Global Research and Analysis Team, the Brazil-based threat group Guildma has deployed "Ghimob," an Android banking Trojan targeting financial apps from banks, fintech companies, exchanges, and cryptocurrencies in Brazil, Paraguay, Peru, Portugal, Germany, Angola, and Mozambique.
What's more, Ghimob targets as many as 153 mobile apps, 112 of which are financial institutions based in Brazil, with cryptocurrency and banking apps in Germany, Portugal, Peru, Paraguay, Angola, and Mozambique accounting for the rest.
"Ghimob is the first Brazilian mobile banking trojan ready to expand and target financial institutions and their customers living in other countries," Kaspersky researchers concluded.
"The Trojan is well prepared to steal credentials from banks, fintechs, exchanges, crypto-exchanges, and credit cards from financial institutions operating in many countries."
News URL
Related news
- Rocinante Trojan Poses as Banking Apps to Steal Sensitive Data from Brazilian Android Users (source)
- TrickMo Android Trojan Exploits Accessibility Services for On-Device Banking Fraud (source)
- New Octo2 Android Banking Trojan Emerges with Device Takeover Capabilities (source)
- Hackers steal banking creds from iOS, Android users via PWA apps (source)
- New Android Malware 'Ajina.Banker' Steals Financial Data and Bypasses 2FA via Telegram (source)