Discovered a new Trojan for Android that steal users ‘ money

Users of devices running Android, constantly living in a state of danger, threatened by a new Trojan called Gustuff, the existence of which was announced by the experts of Group-IB. Its main purpose – stealing money of users. This Trojan is impersonating a legitimate application, including Bank clients, instant messengers and cryptocurrency wallets, and thus provokes the victim to voluntarily provide him with the credentials from their Bank accounts.

According to experts, Gustuff there are many masks that help him to trick users to enter their device. He mimics apps like PayPal, Western Union, eBay, Walmart, Skype, WhatsApp, Gett and a number of other services that are popular in different parts of the world. Due to this Trojan gets access to a wide audience, which is not limited to residents of one country exerting their influence on all inhabited continents.

A virus that steals money

Gustuff is usually distributed via SMS. The user just receives a message with a link supposedly leading to the download of the updates for the application, receipt of remittances or from platform announcements. Clicking this link triggers the download of malicious component, which will impersonate one of the items listed in the previous paragraph, services or applications, doing away fake push notifications.

Each notification displays on the device screen phishing login window in Bank accounts or cryptocurrency wallets, depending on what services to the victim. The attackers expect that the owners of infected gadgets alone will reveal credentials that will be transmitted safely to the remote server. In total, the Trojan attacks the clients of over 100 popular in different countries of the banks and at least 30 wallets to store cryptocurrency.

Subscribe to our channel at Yandex.Zen, not to miss all the fun from the world of Android.

Leave a Reply

Your email address will not be published. Required fields are marked *