silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,148
Researchers have uncovered a large Android banking trojan scheme that may have impacted hundreds of millions of Russians.
Dubbed Geost, the malware is distributed via a malicious cybercriminal botnet operation consisting of 13 command-and-control servers and more than 140 malicious domains, according to a paper issued today by a trio of researchers based in the Czech Republic: Sebastian Garcia of Czech Technical University in Prague; Maria Jose Erquiaga of UNCUYO University; and Anna Shirokova, security researcher at Avast Software.
Delivered via fake, malicious applications, Geost compromises Android devices so that attackers can remotely interact with the web services of five specific banks in Eastern Europe, potentially allowing them to steal funds. The researchers have not yet publicly identified the five banks. The report also alludes to a sixth victim, described as a publicly traded Russian electronic payment service provider. The attackers can also gain access to a bevy of data pertaining to victims and their phones, and can even sort through users’ SMS messages, including those legitimately sent by the banks.
Criminals’ security lapses enable discovery of Geost mobile banking trojan
Thanks in no small part to the perpetrators’ own sloppy operational security, researchers have uncovered a large Android banking trojan scheme that may have impacted hundreds of millions of Russians. Dubbed Geost, the malware is distributed via a malicious cybercriminal botnet operation...
www.scmagazine.com