
Ghimob Malware Targeting Financial Android Apps, Offers Remote Access to Hacker: Kaspersky

by Juliet Woodard
November 16, 2020

A new remote access Trojan called Ghimob has been targeting financial Android apps from banks, fintechs, exchanges and cryptocurrencies in Brazil, Paraguay, Peru, Portugal, Germany, Angola and Mozambique, security researchers at Kaspersky have discovered. The Trojan is said to have been deployed by the Brazil-based threat group Guildma – an actor that is part of the Tetrade family of banking Trojans – which was also behind the recent Astaroth Windows malware. Once the Trojan is deployed on an Android smartphone, the hacker can access the infected device remotely and complete fraudulent transactions with the victim’s smartphone without consent.

Kaspersky discovered the Ghimob Trojan (specifically, the Trojan-Banker.AndroidOS.Ghimob family of Trojans) while investigating another malware campaign. The Trojan is spread via an email that pretends to be from a creditor and provides a link where the recipient can view more information, while the app itself pretends to be Google Defender, Google Docs, WhatsApp Updater, etc. If the recipient falls for the scam and clicks on the link in an Android-based browser, the Ghimob APK installer gets downloaded to their smartphone.

Once infection is completed, the malware sends a message to the hacker. This includes the phone model, whether it has screen lock activated, and a list of all installed apps that the malware targets, including version numbers. Kaspersky says Ghimob spies on 153 mobile apps, mainly from banks, fintechs, cryptocurrencies and exchanges. The report says that this includes about 112 apps from institutions in Brazil, 13 cryptocurrency apps from different countries, nine international payment systems, five bank apps in Germany, three bank apps in Portugal, two apps in Peru, two in Paraguay, and one app each from Angola and Mozambique as well.

With Ghimob, the hacker can access the infected device remotely and complete the fraudulent transaction with the victim’s smartphone, so as to avoid machine identification, security measures implemented by financial institutions and all their antifraud behavioural systems. The hacker is also able to bypass the screen lock by recording it and later replaying it to unlock the device. “When the cybercriminal is ready to perform the transaction, they can insert a black screen as an overlay or open some website in full screen, so while the user looks at that screen, the criminal performs the transaction in the background by using the financial app running on the victim’s smartphone that the user has opened or logged in to,” researchers at Kaspersky explain.

Ghimob tries to hide its presence by hiding its icon from the app drawer. The malware also blocks the user from uninstalling it and from restarting or shutting down the phone. Kaspersky cautions, “Ghimob is the first Brazilian mobile banking trojan ready to expand and target financial institutions and their customers living in other countries. Our telemetry findings have confirmed victims in Brazil, but as we saw, the trojan is well prepared to steal credentials from banks, fintechs, exchanges, crypto-exchanges and credit cards from financial institutions operating in many countries, so it will naturally be an international expansion.”

Kaspersky warns financial institutions to be wary of Ghimob and to improve their authentication processes and boost their anti-fraud technology and threat intel data.
