A recent Malwr Analysis report discusses a banking trojan campaign masquerading as a State Bank of India rewards app. Delivered via WhatsApp, the malware deceives users into downloading an APK that steals sensitive banking information. Zimperium’s Mobile Threat Defense provides protections against this threat, helping to secure user data. Ongoing research has identified numerous related malicious apps and domains.
Affected: Banking sector, financial institutions, app users
Key points:
- A banking trojan campaign is disguising itself as a State Bank of India rewards app.
- The malware is delivered via WhatsApp and tricks users into downloading a malicious APK.
- Users’ banking credentials and personal information are at risk.
- Zimperium’s Mobile Threat Defense offers zero-day protection against such threats.
- Advanced on-device machine learning classifiers identify and block malicious apps.
- Zimperium provides an SDK, Mobile Apps Protection Suite, that helps safeguard sensitive data and app integrity.
- Research has uncovered 86 additional malicious apps and 5 domains related to the campaign.
- Banking trojans pose ongoing threats to both users and financial institutions.
- Organizations can leverage Zimperium’s solutions to protect against evolving banking trojan threats.
MITRE Techniques:
- Credential Dumping (T1003): The trojan steals sensitive banking credentials from user devices.
- Malicious Software (T1203): The malware is delivered as a malicious APK disguised as a rewards app.
- App Manipulation (T1405): The SDK prevents tampering with financial apps to ensure integrity.
Indicators of Compromise:
- No IoCs Found
Full Story: https://zimperium.com/blog/zimperiums-comprehensive-protection-against-fake-sbi-reward-banking-trojan