Group-IB has unveiled a new generation of malicious Trojan for Android phones called Gustuff, which was specifically designed to steal financial and digital assets from customers of major international banks and digital currency trading platforms.
The malware has been circulating widely online for about a year.
Gustuff has received a number of updates over that time and has grown significantly in both features and capabilities.
It joins an Android banking Trojan landscape that already includes threats such as Anubis, Red Alert, Exobot, LokiBot and BankBot.
According to the Gustuff analysis, the malware can phish credentials and automate banking operations for more than 100 banking applications worldwide and 32 digital currency applications.
Targets include banks such as the American Bank, Bank of Scotland, Wells Fargo, JPMorgan, Capital One, TND Bank, and BNC Bank, as well as digital currency applications such as BitPay, Cryptopay, Coinbase and Bitcoin Wallet.
The malware can also phish credentials for many other Android payment and messaging apps, such as PayPal, Western Union, eBay, Walmart, Skype, WhatsApp, Gett Taxi, Revolut and others.
Gustuff works like all other Trojans on the Android market.
It uses social engineering to trick users into granting it access to the Android Accessibility service, a feature intended for users with disabilities and a powerful tool that can interact with screen elements and perform actions on behalf of the user.
Most Android banking malware uses this service to grant itself administrator rights and to display fake login pages on top of other applications.
Gustuff abuses this service differently and in a more complex way than all of its competitors. Group-IB warns that Gustuff is aimed entirely at money and at making a profit for its operators.
Its distinguishing feature is that it can perform ATS against banking applications with the help of the Android Accessibility service.
ATS refers to a Trojan's ability to carry out transactions from the infected user's own device, rather than stealing the account credentials and then using them to steal money from other computers or smartphones.
Thanks to the Android Accessibility service, Gustuff implements ATS directly on the user's phone: it can open applications, fill in credentials and transaction details, and approve transfers on its own.
Although the Trojan is new and more sophisticated than most of its competitors, it has not been seen in applications uploaded to the official Google Play store; it appears to be unable to get past Google's security checks, unlike most of its competitors.
Gustuff spreads to other mobile devices by reading the infected device's contact list and sending messages containing a link to the APK installation file.
Gustuff has other features as well, such as the ability to disable Google Play Protect, the Google Play Store's security feature against malware, to collect data from infected devices, such as documents, photos and videos, and to reset the device to factory settings.
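One way a defender could triage a device for the pattern described above (an app installed from an APK link rather than Google Play that has been granted an Accessibility service), as an added example that is not from Group-IB or the original article. The adb outputs embedded below are constructed samples and the `com.example.*` package names are hypothetical.

```python
# Added example: flag apps that hold an Accessibility service but were not
# installed through Google Play. All sample data here is constructed.
PLAY_INSTALLER = "com.android.vending"

# Constructed output of:
#   adb shell settings get secure enabled_accessibility_services
SAMPLE_A11Y = (
    "com.google.android.marvin.talkback/.TalkBackService:"
    "com.example.flashupdate/com.example.flashupdate.Svc"
)

# Constructed output of: adb shell pm list packages -i
SAMPLE_PACKAGES = """\
package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.flashupdate  installer=null
package:com.example.notes  installer=com.android.vending
"""

def parse_a11y_services(raw):
    """Return {package: [service class, ...]} from the colon-separated setting."""
    services = {}
    for component in raw.strip().split(":"):
        if "/" not in component:  # empty setting or the literal "null"
            continue
        package, cls = component.split("/", 1)
        services.setdefault(package, []).append(cls)
    return services

def parse_installers(raw):
    """Return {package: installer or None} from `pm list packages -i` lines."""
    installers = {}
    for line in raw.splitlines():
        if not line.startswith("package:"):
            continue
        name, _, rest = line[len("package:"):].partition("installer=")
        installer = rest.strip()
        installers[name.strip()] = None if installer in ("", "null") else installer
    return installers

def sideloaded_a11y_apps(a11y_raw, packages_raw):
    """Packages with an enabled Accessibility service and a non-Play installer.

    A package missing from the package list is flagged as well.
    """
    installers = parse_installers(packages_raw)
    return sorted(
        pkg for pkg in parse_a11y_services(a11y_raw)
        if installers.get(pkg) != PLAY_INSTALLER
    )
```

A hit is a lead for review rather than a verdict: legitimate apps from other stores or enterprise deployment will also be listed, so each flagged package still needs to be checked by hand.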