Phishing, Malware

Novel money-stealing BingoMod Android malware detailed

BleepingComputer reports that the novel BingoMod Android malware uses on-device fraud to exfiltrate funds from bank accounts before wiping data from targeted devices.

Threat actors used smishing campaigns to deploy BingoMod in the guise of mobile security tools, such as APP Protection, AVG AntiVirus & Security, and WebSecurity. Once installed, the app triggers a request for Accessibility Services before proceeding with credential theft, screenshot capturing, and SMS message interception, an analysis from Cleafy showed. The malware conducts on-device fraud by creating channels for receiving commands and delivering screenshots, with attackers also using the virtual network computing (VNC) mechanism to obtain real-time screen content, said researchers, who also noted BingoMod's capability of allowing manual overlay intrusions. Additional analysis revealed code-flattening and string obfuscation layers in the malware to ensure stealth, while its remote access capabilities could be used to remove all data and conduct device resets.
