Security News > 2020 > November > Ghimob Android Banking Trojan Targets 153 Mobile Apps
A new banking trojan has been discovered targeting Android users, with the capabilities to spy on 153 mobile apps from various banks, cryptocurrencies and exchanges.
Kaspersky telemetry shows that all victims of the Ghimob mobile banking trojan are currently located in Brazil at the moment.
"Ghimob is the first Brazilian mobile banking trojan ready to expand and target financial institutions and their customers living in other countries," said researchers with Kaspersky, in a Monday analysis.
"Compared to BRATA or Basbanke, another mobile banking trojan family originating in Brazil, Ghimob is far more advanced and richer in features, and has strong persistence."
Guildma is a threat actor that's part of the Tetrade family of banking trojans - Kaspersky's designation for four large banking trojan families created, developed and spread by Brazilian crooks.
News URL
https://threatpost.com/ghimob-android-banking-trojan/161075/
Related news
- Chameleon Android Banking Trojan Targets Users Through Fake CRM App (source)
- Rocinante Trojan Poses as Banking Apps to Steal Sensitive Data from Brazilian Android Users (source)
- TrickMo Android Trojan Exploits Accessibility Services for On-Device Banking Fraud (source)
- New Octo2 Android Banking Trojan Emerges with Device Takeover Capabilities (source)
- New Android Trojan "BlankBot" Targets Turkish Users' Financial Data (source)
- Czech Mobile Users Targeted in New Banking Credential Theft Scheme (source)
- Hackers steal banking creds from iOS, Android users via PWA apps (source)