Kaspersky Lab denounces the availability of a new trojan that targets Android devices aiming to obtain sensitive information to carry out financial fraud.
The malware development team are the undoubtedly conscious mobile world, especially because of the versatility of the devices and user heterogeneity using them. In short, mobile is very easy to run into a little person aware and responsible, and that is why we especially open platforms like Android are receiving an undeserved interest from cyber-criminals. One of the most widespread malware in circulation is currently Asacub, as revealed by Kaspersky Lab.
The company has informed us that the malware ” is targeting Android users to get financial gains “. Asacub was initially designed to steal sensitive information, but have been spotted even versions of the application addressed specifically to users who use online banking. At the time of writing, these versions are available in Russia, Ukraine and the Italy, with United States still seems untouched from this point of view.
Asacub is targeting Android users for their financial gain.
Asacub is in this case a trojan, and its first version was discovered in June 2015. Its main objective was to steal the lists of users’ contacts, browser history, and a list of installed apps. The software was also able to send messages to certain numbers and lock the screen of the infected device. Asacub has always basically had the typical features of a traditional trojan designed to steal information.
Kaspersky Lab, claims to have discovered several new variants of Asacub since the autumn of 2015, with well-targeted changes to the theft of money. In the new variants of the Trojan, it includes displaying a phishing page can imitate log-in pages of banking applications. The new versions have taken root in the first Russian-language regions, and then landed in the United States with a special phishing page designed for a ” big US bank “.
The most modern versions of Asacub contained new set of features, including call forwarding and sending USSD requests (a particular service for interactive communications, no calls or SMS, between the user and the mobile phone provider), especially tools suitable for the execution of financial fraud. Although Asacub is known in various versions for several months, the first-related threat’s Trojans were found in the end of 2015.
Kaspersky claims to have identified more than 6,500 infection attempts in just one week, after a period of months in which the Trojan has remained virtually silent. Asacub is currently among the most active trojans and the security company lists him in the Top 5 of the main Trojan of the Week: ” Asacub has links with criminals linked to CoreBot, spyware based on Windows, ”
” The domain used by the server Command & Control Asacub is registered in the name of the same person they belong to dozens of domains that were used by CoreBot, ” says the executive of the company. ” It is very likely that these two types of malware are developed or used by the same group, which considers the exploitation of users using mobile banking of great value and a source of illicit gain. Based on the current trend, we imagine that in 2016 the development and prevalence of malware for mobile banking continues to grow by getting an even larger share in the panorama of malware attacks. ”
” Users should be very careful to make sure not to become the next victims, ” he concluded the manager, advising Android users use an updated anti-virus to protect against malicious software.