Malware, Threat Intelligence

Updated Octo Android banking trojan variant emerges


Sophisticated device hijacking and on-device fraud capabilities have been baked into the new Octo Android banking trojan variant dubbed "Octo2," which has been leveraged in attacks against Italy, Hungary, Moldova, and Poland, according to The Hacker News.

Malicious apps masquerading as Google Chrome, Enterprise Europe, and NordVPN, created with the Zombinder APK service, have been used to deploy Octo2, which also featured a domain generation algorithm (DGA)-based command-and-control system that increased its resistance to attempted takedowns, a report from ThreatFabric revealed. ThreatFabric researchers noted that Octo2's emergence was spurred by the exposure of its source code and a shift to malware-as-a-service operations earlier this year. "This variant's ability to invisibly perform on-device fraud and intercept sensitive data, coupled with the ease with which it can be customized by different threat actors, raises the stakes for mobile banking users globally," noted ThreatFabric.
