BianLian Android Banking Trojan Upgraded With Screen Recorder

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,057
The BianLian banking Trojan has been upgraded with two new modules designed to record the screens of infected Android devices and to create a SSH server for camouflaging its communication channels.

While BianLian was initially developed as a lowly dropper designed to be a transport conduit for more capable Android malware as observed by ThreatFabric's researchers during 2018, its developers eventually added several new modules that converted it into a banking Trojan.

The extra components allow the malware to send text messages, to run arbitrary USSD codes, to lock the screens of compromised devices, and to inject push notifications and perform overlay attacks that enable it to steal banking credentials.

FortiGuard Labs researchers have now discovered yet another BianLian sample that has been further upgraded by its masters, distributed in the form of a heavily obfuscated APK that relies "on generating a variety of random functions to hide the real functionalities of the sample."
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top