Android users are being targeted by a new malware for financial exploit

Providing the convenience to the users, the latest technology opens the small paths to exploit financially. Over millions of people use their smart phones to pay for several goods and services. The year of 2015 found criminals exploited users focusing on the malicious financial programs for mobile devices. The early version of Asacub Trojan found the way of stealing the list of installed apps, sending SMS messages to given numbers, browser history, contact details including blocking screen of an infected device, etc. But later on, the advanced version of Asacub Trojan provided the wide picture of stealing the various information ranging from the tools that confirm the transformation of the stolen money to the phishing pages that replicate the log-in pages of the banking applications. Criminals’ initial activities created an idea that the only focus was Russian and Ukrainian banks as the programs were developed to replicate only the Russian and Ukrainian users. But it was not true, criminals’ wide target ranged from Russian, Ukrainian to US users. As their target expanded, the features of the new set of the Asacub Trojan also developed which contained starting from the call redirection to sending USSD requests. Especially, these advanced features empowered Asacub for the financial fraud.

After having a close observation on the Asacub Trojan, it was found that more than 6,500 attempts were made to infect the users with the malware within one week but, the good news was that criminals achieved no successful attempts. However, after that more than 37,000 attempts were made that tells us the wider picture of the Asacub Trojan status in 2016. Look at below to view the number of users who have been attacked:

Infected device can open the small ways for Asacub Trojans to gain control over the system that can enable criminals to steal data ranging from messages, banking credentials, snapshots, to forward calls including installing malware, and even it could be used for blackmailing or malware distribution. This is a one-stop-shop hackers asset.

The latest analysis found out the link between Asacub Malware and criminals, window based spyware called CoreBot. The domains used by CoreBot are registered to the same person as the domain used by Command & Control center. The assumption is that two types of malware are being developed by the same gang. So the criminal's target in 2016 is very huge. Users need to be extra careful to ensure not to be the next victim. In order to avoid that challenge, scan your website with DoWebScan to know the vulnerability as criminals may steal the information of your users. When users have strong faith on your brand or payment system, your responsibility is to protect their information from criminals. So vulnerability scanning and penetration testing are the most significant parts to keep healthy your security system. We offers both vulnerability scanning and penetration testing which can protect your employee’s information.