The researchers have explored the trojan to be an expert at hiding itself from detection.
The Anubis banking trojan is back again to haunt Android users. The Mobile banking malware was spotted last year and was found to be on the Android devices via infected downloads done over the Google Play Store and carries malware for Android devices.
After making its way into the device, Anubis trojan seeks user’s permission to access the services, and once granted, the trojan keylog and steal login credentials of the banking apps, payment cards, and e-wallets.
Anubis has introduced new and dreadful tactics that range from screen recording to steal credentials to intentionally locking the device to mask its activities. With time, security experts have found the Android malware app to be a full-blown banking trojan that can literally choke down any device.
BankBot Anubis loaded with various botnets and configurations is actively targeting users in the following countries:
The SecurityIntelligence backed by IBM stated about the password-stealing malware in one of its recent reports,
“Starting in June, our team discovered a number of new malware downloader samples that infect users with BankBot Anubis (aka Go_P00t). The campaign features at least 10 malicious downloaders disguised as various applications, all of which fetch mobile banking Trojans that run on Android-based devices. While the number of downloaders may seem modest, each of those apps can fetch more than 1,000 samples from the criminal’s command-and-control (C&C) servers.”
The password-stealing malware was planted by BianLian, a “dropper,” which infiltrates the Android device with utmost precision and more importantly, looks to be a friendly app. It was spotted in app categories that are more in demand like device cleaners, discounter apps, and currency/rates calculators.
The Fortinet has unearthed the banking applications that are targeted by the Mobile banking malware and here are a few of them:
Interestingly, the name ‘BianLian’ is derived from the Chinese theatrical art that symbolizes a form that keeps on changing face almost instantaneously.
Regarding the Anubis mobile banking Trojans, the research team said,
“The team recently reported that downloader apps in the store are being used as the first step in an infection routine that fetches the Marcher (aka Marcher ExoBot) and BankBot Anubis mobile banking Trojans.”
To wreck more havoc, the Anubis banking trojan sticks to apps which actually works well and have a decent rating in the Google Play store. The Anubis malware analysis done by the experts has been found it to be a smart trojan that has all the abilities to bypass safeguards on Google Play and hide from detection
She is a content marketer and has more than five years of experience in IoT, blockchain, Web, and mobile development. In all these years, she closely followed the app development, and now she writes about the existing and the upcoming mobile app technologies. Her essence is more like a ballet dancer.