Malware, Application security

Central Asia subjected to Ajina.Banker Android malware intrusions

Scam alert, software warning fraud, cyber security. Hacker detection cyber attack on computer network, virus, spyware, malware, malicious software and cybercrime, online website. Protect information

Attacks with the novel Ajina.Banker Android trojan have been deployed to facilitate banking data and two-factor authentication code exfiltration across Central Asia, particularly banking users in Uzbekistan, since November, according to Hackread.

Numerous social engineering tactics have been leveraged by threat actors to deploy Ajina.Banker, including fake banking, government, and utility apps, as well as malicious links purporting to be for promotions or offers spread via Telegram, a report from Group-IB revealed. Aside from facilitating the theft of SMS messages, SIM card details, and financial accounts' 2FA codes, newer iterations of Ajina.Banker have also allowed the exfiltration of users' banking card information, PIN codes, and phone numbers, said Group-IB researchers, who also discovered the malware's operation on an affiliate program model. Such a threat should prompt increased vigilance on unwanted messages and downloads, as well as app permissions, with iVerify co-founder and Chief Operating Officer Rocky Cole recommending the implementation of mobile endpoint detection and response platforms to identify malicious APKs and social engineering attacks.

An In-Depth Guide to Application Security

Get essential knowledge and practical strategies to fortify your applications.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds