GoldDigger Android trojan targets Vietnamese banking apps, code contains hints of wider targets

Trending 1 month ago
  1. Home
  2. Security
  3. GoldDigger Android trojan targets Vietnamese banking apps, code contains hints of wider targets

Singapore-based infosec outfit Group-IB connected Thursday released specifications of a caller Android trojan that exploits nan operating system's accessibility features to bargain info that enables theft of individual information.

The information investigation outfit wrote that nan trojan, named GoldDigger, presently targets Vietnamese banking apps – but includes codification suggesting its developers scheme wider attacks. Between June 2023, erstwhile it spotted GoldDigger, and precocious August, Group-IB identified 51 financial statement applications targeted by nan trojan. The information shape is unsure really galore devices person been infected, aliases really overmuch money has been stolen.

The malware makes its measurement onto devices aft users sojourn clone websites that manipulate them into downloading nan app. Once installed, GoldDigger requests entree to Android’s Accessibility Service – nan characteristic designed to assistance users pinch disabilities by allowing apps to interact pinch each different and modify nan personification interface.

Permission to usage nan Accessibility Service intends GoldDigger tin show and manipulate a device's functions and position individual accusation specified arsenic banking app credentials and nan contented of SMS messages, and nonstop that info to command-and-control servers. A codification snippet recovered by nan researchers suggests nan malware attempts to bypass 2 facet authentication, and is designed to fool banking apps that it is making morganatic transactions.

  • Kremlin-backed Sandworm strikes Android devices pinch data-stealing Infamous Chisel
  • Russia throws laminitis of infosec biz Group-IB successful nan clink for treason
  • Probe reveals antecedently concealed Israeli spyware that infects targets via ads
  • Suspected bank-infecting OPERA1ER crime leader cuffed

"We person not confirmed that nan Trojan operators usage these capabilities astatine nan clip of writing. However, based connected nan behaviour of different known Trojans akin to GoldDigger, we don't deliberation they disagree significantly," explained Group-IB.

"We are decidedly watching a important summation successful nan Android malware strains abusing nan Accessibility Service. For Android malware trends, location is simply a noticeable displacement distant from nan accepted usage of web fakes," Sharmine Low, malware expert astatine Group-IB, told The Register. Low said utilizing nan Accessibility Function was a "much much invasive attack compared to generating individual web clone files for each circumstantial target."

GoldDigger's developers person near clues that their ambitions whitethorn scope beyond Vietnam. The malware includes translations successful Chinese and Spanish, suggesting that countries wherever those languages are spoken whitethorn beryllium adjacent successful statement arsenic targets.

One measurement nan information patient noted nan malware could beryllium prevented – speech from nan accustomed cheque for updates, watch retired for different permissions and adopting fraud protection services – is to support nan "Install from Unknown Sources" mounting abnormal by default connected Android devices. Only if nan mounting is enabled tin APKs from sources extracurricular Google Play Store beryllium installed. ®

Related Article

60 US credit unions offline after ransomware infects backend cloud outfit

60 US credit unions offline after ransomware infects backend cloud outfit

1 day ago
Apple slaps patch on WebKit holes in iPhones and Macs amid fears of active attacks

Apple slaps patch on WebKit holes in iPhones and Macs amid fears of active attacks

1 day ago
UEFI flaws allow bootkits to pwn potentially hundreds of devices using images

UEFI flaws allow bootkits to pwn potentially hundreds of devices using images

1 day ago
US readies prison cell for another Russian Trickbot developer

US readies prison cell for another Russian Trickbot developer

1 day ago
Regulator says stranger entered hospital, treated a patient, took a document ... then vanished

Regulator says stranger entered hospital, treated a patient, took a document ... then vanished

1 day ago
Interpol makes first border arrest using Biometric Hub to ID suspect

Interpol makes first border arrest using Biometric Hub to ID suspect

1 day ago

Trending

1. Texas
2. FC Cincinnati
3. Duke Basketball
4. Kentucky basketball
5. Boise State football
6. Jalen Milroe
7. Tulane football
8. Suns
9. UFC
10. Florida State

Popular Article

These developers are doing something amazing with iPhone and iPad apps

These developers are doing something amazing with iPhone and iPad apps

13 hours ago
The best movies on Apple TV+ right now (December 2023)

The best movies on Apple TV+ right now (December 2023)

14 hours ago
7 best funny Christmas movies you should watch this holiday season

7 best funny Christmas movies you should watch this holiday season

13 hours ago
Google Chrome's new cache change could boost performance

Google Chrome's new cache change could boost performance

12 hours ago
iOS 17: How to share contacts using Apple’s amazing NameDrop feature

iOS 17: How to share contacts using Apple’s amazing NameDrop feature

15 hours ago
The Game Awards 2023: how to watch and what to expect

The Game Awards 2023: how to watch and what to expect

14 hours ago
English (US) English (US) · Indonesian (ID) Indonesian (ID) ·
About Us · Contact Us · Terms & Conditions · Disclaimer ·

©2023 PAK MEDIA BLOG.
All Rights Reserved.