The cryptocurrency of users of Android smartphones in danger

Experts calculated a new Trojan for Android smartphones targeting the top cryptopidonia. At the moment, among the victims were users of Coinbase, BitPay and Bitcoin Wallet, and also a client base banking applications JPMorgan, Wells Fargo and Bank of America. According to the research firm Group-IB, this is the first case of detection of a Trojan under the strange name Gustuff. As you know, malicious program distributed via SMS with a download link.

The Creator of the Trojan has coded it so that automatically replaced all of the billing information in real applications. Thus, funds inadvertently users are sent to the wallets of the attacker. In addition, the virus is able to simulate real applications and thus to steal sensitive user data. So no one would suspect a trick, it gives push notifications on the screen with the original logo of other programs. Therefore, none of the smartphone owners do not realize that actually runs the fake.

Group IB tracked 27 fake crypto and banking applications. The bulk are in the U.S., 16 applications in Poland, 10 in Australia, and 9 in Germany and India. Malware affects the payment systems products and popular instant messengers, including PayPal, Revolut, Western Union, eBay, Walmart, Skype and WhatsApp.

To work Gustaff uses built-in functionality of Android, designed for people with disabilities. As noted in the IB Group, it is quite a cunning move that was not met before.

At least this will allow the Trojan to circumvent changes in the security policies of Google which are made in the new version of the Android OS. Moreover, Gustuff is able to disable Google Protect. And judging by the statement of the Creator of the Trojan, it works in 70 percent of cases.

According to sources, the virus was developed by Russian cyber criminals under the name Bestoffer, however, to target international companies in other countries. More data look at cryptodata.

Subscribe to our channel in the Telegram. And watch closely what downloading is!

Leave a Reply

Your email address will not be published. Required fields are marked *