Android malware Escobar steals Google Authenticator MFA codes

Android malware

Android banking trojan Aberebot has returned under the name "Escobar" with new features including stealing Google Authenticator multifactor authentication codes.

New features of the latest Aberebot version also include taking control of the infected Android devices using VNC, recording audio and taking photos, and expanding the target apps for credential stealing.

The Trojan's main goal is to steal enough information to allow criminals to take over victims' bank accounts, siphon off existing funds and perform unauthorized transactions.

With the help of KELA's cyber intelligence platform DARKBEAST, BleepingComputer found a forum post in a Russian-language hacker forum from February 2022 in which the Aberebot developer is promoting its new version under the name "Escobar Bot Android Banking Trojan".

The malware author rents the beta version of the malware to a maximum of five customers for $3,000 per month, with criminals being able to try the bot free for three days. The developer plans to increase the price of the malware to $5,000 once development is complete.

The suspicious APK, masquerading as a McAfee app, was first spotted on March 3, 2022. This is currently not recognized by most antivirus programs.

The malware requests 25 permissions, 15 of which are misused for malicious purposes. These include Access, Audio Recording, Read SMS, Read/Write Storage, Get Account List, Disable Keylock, Make Calls and Access Precise Device Location. Everything the malware collects is uploaded to the C2 server, including SMS call logs, key logs, notifications, and Google Authenticator codes.

So if you install apps, you should only do so from trustworthy sources. But even this is no longer a guarantee that malware is not lurking there, too.

Swell):
Bleeding computer

Android malware Escobar steals Google Authenticator MFA codes was first published on xiaomist's blog .

Comments

Popular posts from this blog

What is VoLTE and how can you activate it on your Xiaomi

So you can check the battery status of your Xiaomi smartphone and how many cycles you have performed

How to exit the FASTBOOT mode of your Xiaomi if you have entered accidentally

Does your Xiaomi charge slowly or intermittently? So you can fix it

Problems with Android Auto and your Xiaomi? So you can fix it

If your Xiaomi disconnects only from the WiFi it may be because of that MIUI setting

How to change the font in MIUI and thus further customize your Xiaomi: so you can change the type, color and size of the letters of MIUI

What is the Safe Mode of your Xiaomi, what is it for and how can you activate it

Improve and amplify the volume of your Xiaomi and / or headphones with these simple adjustments

How to activate the second space if your Xiaomi does not have this option