400 Banks’ Customers Targeted with Anubis Trojan

The new campaign masqueraded as an Orange Telecom account management app to deliver the latest iteration of Anubis banking malware.

Customers of Chase, Wells Fargo, Bank of America and Capital One, along with nearly 400 other financial institutions, are being targeted by a malicious app disguised to look like the official account management platform for French telecom company Orange S.A.

Researchers say this is just the beginning.

Once downloaded, the malware – a variant of banking trojan Anubis – steals the user’s personal data to rip them off, researchers at Lookout warned in a new report. And it’s not just customers of big banks at risk, the researchers added: Virtual payment platforms and crypto wallets are also being targeted.


“As a banking trojan malware, Anubis’ goal is to collect significant data about the victim from their mobile device for financial gain,” the Lookout report said. “This is done by intercepting SMSs, keylogging, file exfiltration, screen monitoring, GPS data collection and abuse of the device’s accessibility services.”

The malicious version of the Orange Telecom account management app was submitted to the Google Play store in July 2021 and later removed, but the researchers warned that they believe

Read More: https://threatpost.com/400-banks-targeted-anubis-trojan/177038/