MaliBot, a new threat to Android users in Europe, can access the bank accounts and steal access codes. FluBot was a virus that targeted android and could take full control of the devices. It can also access sensitive data including financial applications. This virus has caused millions of deaths worldwide. Europol confirmed his disappearance. However, everything suggests that the successor to FluBot has already been created. The firm that specializes in cybersecurity HTML5 was tasked to find the FluBot Trojan and to name it MaliBot. It is malware that targets two main Spanish financial institutions: Santander Bank and CaixaBank. MaliBot is a virus that looks a lot like FluBot.
Trojan masquerades as popular apps like Chrome
F5 researchers were able to identify that the Trojan’s origin is in Russia. This is the country where MaliBot can be stopped. It is a modified version (SOVA) of an already-known malware that was first used in campaigns back in June 2020. It has the following capabilities: app deletion, sensitive data collection and text message theft.
It was discovered that campaigns using this malware as their protagonist are mostly focused on Spain and Italy. These authors distributed the malware via websites, prompting users to download infected applications. Fake clones of popular tools such as Google Chrome and cryptocurrency apps were among these fake apps. MaliBot uses your permissions to access the victim’s phone list and sends SMS messages with links that contain the APK file. This is done in an attempt to spread the virus even further between devices.
This is called “smishing” Is it worth installing an antivirus for Android on your smartphone? MaliBot can perform actions on your Android device without any user interaction by gaining privileged permissions such as access to Android accessibility APIs. MaliBot is a virus that targets sensitive information about financial entities.
It was discovered that the malware contains a list with target apps in its code. This includes CaixaBank and Santander, both from Spain, as well as UniCredit, from Italy. There have been other techniques discovered to steal cryptocurrency from portfolios stored on platforms like Binance and Trust Wallet. While the threat is most severe for users in Spain and Italy today, MaliBot will likely expand its target areas and launch new campaigns to attack other parts of the globe over the coming weeks. Researchers recommend that you avoid downloading apps from outside the Google Play Store, and ignore SMS messages from unknown sources.
