Techrecipe

Malicious codes for Android apps

Trojan-based malicious code variants that operate on Android smartphones include 32 wallet users, including coin-based coin-based exchanges and bill paying companies, as well as banking sites such as US major banks such as JP Morgan, Wells Fargo and Bank of America. .

According to a Group IB investigation, a cybercrime analysis company in Russia, the first detection Trojan was named Gustuff. Gustav is designed for mass infections and is spreading via SMS messages, including links to package files for Android.

The author of Gustaf said that he created automatic transmission system by using automatic input function such as payment items commonly used in Android apps. Gustaf also aims to create a number of phishing sites that steal cryptographic user information by masquerading as a real app against 32 cryptographic app users. This structure allows for automatic input by downloading counterfeit data that mimics a spoofed app and a real website through push notifications that steal common app icons. It also exploits Android user assistance developed for people with disabilities.

 

https://platform.twitter.com/widgets.js

Group IB has identified spoofed apps targeting more than 100 banking apps and 32 currency coin apps, including 27 in the US, 17 in Poland, 10 in Australia, 9 in Germany, and 8 in India. PayPal Online Banking, Western Union, eBay, Wal-Mart, Skype, Watts apps and payment systems and messenger apps are also one of the targets. Group IB warned Android users to download apps only from Google Play and pay attention to downloaded file extensions. For more information, please click here .