Security News > 2022 > June > New MaliBot Android banking malware spreads as a crypto miner

Cybersecurity researchers have discovered a new Android banking malware named MaliBot, which poses as a cryptocurrency mining app or the Chrome web browser to target users in Italy and Spain.

MaliBot focuses on stealing financial information such as e-banking service credentials, crypto wallet passwords, and personal details, while it's also capable of snatching two-factor authentication codes from notifications.

MaliBot is a powerful Android trojan that secures accessibility and launcher permissions upon installation and then grants itself additional rights on the device.

Like most banking trojans, MaliBot retrieves a list of installed apps to determine which bank apps are used by the victim to fetch the matching overlays/injections from the C2. When the victim opens the legitimate app, the fake login screen is overlaid on top of the UI. What we should expect.

This is a sign that the development is very active, and new versions of MaliBot are expected to enter circulation soon, possibly raising the potency of the novel malware.

At the time of writing this, the websites distributing MaliBot remain online, so the malware distribution operation is still pretty much active.

News URL

https://www.bleepingcomputer.com/news/security/new-malibot-android-banking-malware-spreads-as-a-crypto-miner/