Anubis Android Malware Is Back and It Is Focusing on Financial Institutions

In a recent malware operation, the Anubis Android banking malware is targeting clients of approximately 400 banking institutions.

The cybercriminals are attacking financial institutions, cryptocurrency wallets, and digital payment systems by posing as an Orange S.A. Android application intended to collect information such as:

browsing cookies, passwords saved on browsers, credit card details. More on Anubis Malware

Anubis is a mobile malware that affects Android smartphones and is spread using malicious apps listed on the legitimate Google Play store.

The banking malware initially surfaced on Russian hacking forums in 2016, where it was distributed as an open-source banking trojan with guidance on how to set up the client and components.

In 2019, the malware introduced what seemed to be a nearly working ransomware component and spread using fraudulent apps on Google’s Play Store. Anubis reappeared last year with large-scale phishing attacks that targeted 250 shopping and financial applications.

Anubis M.O.

When potential victims access apps for targeted platforms, Anubis malware will show bogus phishing login forms in order to steal their credentials.

The overlay screen shown below will be displayed over the genuine app’s login screen to trick users into assuming it’s a valid login form when, in

Read More: https://heimdalsecurity.com/blog/anubis-android-malware-is-back-and-it-is-focusing-on-financial-institutions/