As per Bijié Wǎng, security firm Zimperium has identified a new Android malware called Fantasy Hub, which is being sold through Russian channels as a Malware-as-a-Service (MaaS) offering. The malware provides remote access capabilities, enabling attackers to conduct sophisticated spyware campaigns and steal banking credentials. It is distributed via fake Google Play pages and includes features such as SMS interception, contact and media theft, and the deployment of disguised system update malware. The threat has already targeted major Russian banks including Alfa, PSB, Tbank, and Sber. Attackers use fake app windows to mimic legitimate banking apps and steal user credentials. Zimperium warns that the abuse of default SMS handler permissions allows the malware to intercept two-factor authentication messages, increasing the risk of device compromise for mobile banking users.
Zimperium Discovers Fantasy Hub Malware Targeting Russian Banks via Fake Google Play Pages
币界网Share
Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information.
Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.