Account holders of over numerous financial institutions in Thailand, Indonesia, Vietnam, the Philippines, and Peru are being targeted by an Android banking malware called
Gigabud RAT.
"One of Gigabud RAT's unique features is that it doesn't execute any malicious actions until the user is authorized into the malicious application by a fraudster, [...] which makes it harder to detect," Group-IB researchers Pavel Naumov and Artem Grischenko
said.
"Instead of using HTML overlay attacks, Gigabud RAT gathers sensitive information primarily through screen recording."
"The targets were individuals lured into filling out a bank card application form to obtain a low-interest loan," the researchers said. "The victims are convinced to provide personal information during the application process."
